Posts organized by category
This page contains the posts of this website, organized by category.
DLL Hijacking
Microsoft 365 and Azure Active Directory
Windows API
- Random Windows API code snippets
- Enumerating Device Drivers: implementation and connection with APTs
- Map file to process memory utilizing NtCreateSection and NtMapViewOfSection
- Skeleton Code to Create Control Panel Items
- Skeleton Code to Create PoC DLL
- Exporting functions from DLL using the actual function name
- PE Parser in Windows API
- Reinventing the wheel: DLL Injection via CreateRemoteThread
- Reinventing the wheel: DLL Injection via SetWindowsHookExA
active directory
assembly
detection evasion
kiosk breakout
native Windows tool
persistence
- Anthology of persistent execution techniques on Linux
- Persistence: Component Object Model (COM) hijacking
- Persistence 101: Looking at the Startup directory as attacker and defender
- Persistence and Privilege Escalation on Windows via Print Monitors
- Persistence and Privilege Escalation on Windows via Print Processors
- Persistence 101: Looking at the Scheduled Tasks
- Persistence and Privilege Escalation on Windows via Time Providers
- Persistence and Privilege Escalation on Windows via Windows Management Instrumentation Event Subscription