Malware Development Introduction aka Malware Dev 101 - Part 1
Malware Development Introduction (aka Malware Dev 101) - Part 1
Posts by Year
2024
2023
Sliver C2 Deployment for Red Team Engagements
Sliver has been a popular open-source C2 in recent years and has had continuous improvements since its release. It’s cross-platform and easy to setup which w...
The right way to proxy .NET tools through SOCKS proxies
Scenario: You’re on a red team engagement and want to execute .NET utilites in your Beacon but need to increase your chances at evasion and opsec. You obviou...
2022
Malware Development: CSharp Alterntive Shellcode Callbacks
For a while now, people have been using alternative callback methods in C/CSharp payloads instead of the vanilla CreateThread() or similar Windows API funct...
Malware Development: DLL Sideloading via ‘DLL Proxying’
I’m going to cover an example of how to perform a DLL sideload from start to finish using a C++ payload and a legitimate DLL commonly found on disk. The spec...
Cobalt Strike - BOF Collection
Useful Cobalt Strike Beacon Object Files (BOFs) used during red teaming and penetration testing engagements.
2021
Cobalt Strike - Red Team CheatSheet
I created a handy cheat sheet for Cobalt Strike commands for red teaming engagements which utilize both CSharp and PowerShell tools.
2020
Back to Top ↑2019
Sans GXPN - Course Review
In October of 2018 I had the lucky opportunity to take the Sans SEC660 “Advanced Penetration Testing, Exploit Writing, and Ethical Hacking” in-person course....
Ret2libc Buffer Overflow Demo Video
A little demo walk through I made of a Linux Ret2Libc style buffer overflow to bypass DEP stack protections which is featured in the Sans GXPN course and cer...
Hitachi Security Blog Posts
In 2018 I started doing some freelance writing for Hitachi security systems. The posts focused on introductory penetration testing and vulnerability assessm...
2018
OSCP Review
Review of my OSCP experience Course link
SLAE Assignment 3
SecurityTube Linux Assembly Expert (SLAE) Course Exercises
SLAE Assignment 2
SecurityTube Linux Assembly Expert (SLAE) Assignment 2
SLAE Assignment 1
SecurityTube Linux Assembly Expert (SLAE) Course Exercises