-
Hey, so I'm learning about ntcreateuserprocess and trying to use it to pop calc. I came across your github repo and it looks like really good stuff!
I am having a few issues though that is preventi…
-
I need some help...I am working on NextGen AV evasion and I am trying to fingerprint where/why the AV is killing my meterpreter. I am using a combination of dprintf() and sleep() to try and figure out…
-
Generate detection rule using the Carbanak [step 5.C](https://github.com/center-for-threat-informed-defense/adversary_emulation_library/tree/master/carbanak/Emulation_Plan/Scenario_1#5c---lateral-move…
-
I'm using [a custom theme](https://www.deviantart.com/sagorpirbd/art/Windows-8-Themes-for-Win10-Final-556761647), and I think it looks better without the aero.msstyles behavior.
-
## Steps to reproduce
How'd you do it?
1. reverse_https payload is executed on victims computer
2. victim connects back with initial shell
3. stdapi is unable to load even manually giving the …
bkr32 updated
3 years ago
-
Attacker System: Windows 10 x64 18363 connected to FT601 with USB3.0 cable
Target System: Windows 10 x64 17763 connected to AC701 using PCIe 4x
PCILeech version: PCILeech_files_and_binaries_v4.5…
-
This payload works in an x86 Microsoft Excel document. It crashes in x64 excel while, it works if compiled as a .NET binary instead. Just checking if you've had any issues with x64 office macros or if…
-
**Feature Request or Bug**
Bug
**Describe the feature request or bug**
dotnet run says that submodules are not initialized when I clone the repo with the --recurse-submodules flag.
**To Reprod…
ghost updated
3 years ago
-
Hi guys, currently I'm working on a PoC who the main goal is to monitor userspace processes running inside a VM. The main focus of this PoC is to monitor the text section of a given process in order t…
-
--autobreak flag provide the injection of "int 3" instruction into the shellcode, what could corrupt the shellcode execution.
Possible solution:
set the breakpoint before the jump to shellcode exe…