API Hashing — Why Malware Loves (And You Should Care)
Imagine this: you’re a cybersecurity expert, eyes glued to your screen, thinking you’ve caught that pesky malware red-handed. You’ve seen…
Jan 25

Comprehensive Guide to Booting, Bootloaders, and related Attack Vectors and Security — Part 1
Bootloaders are a critical component of modern computer systems, forming the bridge between the hardware and the operating system (OS). In…
Jan 8

Reviving the Fork Bomb (published in ILLUMINATION)
Fork bombing is a type of denial-of-service (DoS) attack designed to exploit system resources by recursively creating processes until the…
Dec 30, 2024

Mastering eBPF: Harnessing the Power of Kernel-Level Security and Intrusion Prevention, and…
eBPF (extended Berkeley Packet Filter) is a revolutionary technology that allows programs to run safely and efficiently in the Linux kernel…
Dec 20, 2024

Demystifying ASLR: Understanding, Exploiting, and Defending Against Memory Randomization
Disclaimer: The code and techniques provided in this blog are intended for educational purposes only. They are designed to help individuals…
Dec 5, 2024

Unmasking Browser Extensions — From Forensics to Security
What are Browser Extensions?
Nov 26, 2024

Unveiling Windows Services: The Hidden Engines of Your OS
Once upon a time in the vast digital kingdom of Windows, there existed a special breed of applications known as Windows Services. Unlike…
Oct 24, 2024

When USBs Attack: Exploring the Underbelly of Malicious LNK Files
A USB (Universal Serial Bus) device is a standardized interface used for communication between computers and peripherals such as storage…
Oct 13, 2024

Whispers in the Code: Inter Process Communication (IPC) and Named Pipes For Covert C2
Inter-Process Communication (IPC) refers to mechanisms that allow processes to communicate with each other within an operating system (OS)…
Oct 7, 2024

Exploring Integer Overflow — The realm of exploiting binaries (published in InfoSec Write-ups)
What Does Integer Overflow Mean?
Oct 6, 2024

Damn Vulnerable Windows Application in a Nutshell
Disclaimer: The code and techniques provided in this blog are intended for educational purposes only. They are designed to help individuals…
Sep 20, 2024

Exploring MSI Files: The Good, the Bad, and the Ugly
Disclaimer: The code and techniques provided in this blog are intended for educational purposes only. They are designed to help individuals…
Sep 18, 2024

Vulnerable Windows Driver In a Nutshell
Disclaimer: The code and techniques provided in this blog are intended for educational purposes only. They are designed to help individuals…
Sep 15, 2024

Anatomy of State of the Art Debugger
Debuggers are specialized tools used by developers, security researchers, and reverse engineers to inspect the internal behavior of…
Sep 14, 2024

All kill Zero Fill — Anatomy of EDR Killers
The evolution of Antivirus (AV) technologies began in the early 1980s with signature-based detection, where AVs identified malware by…
Sep 12, 2024

Vulnerable PDF reader in a Nutshell
Disclaimer: The code and techniques provided in this blog are intended for educational purposes only. They are designed to help individuals…
Sep 10, 2024

Internet Shortcut (.url) file in a Nutshell
A .url file, also known as an Internet Shortcut, is a text-based file format used by Windows to store a hyperlink or URL (Uniform Resource…
Sep 8, 2024

Process Injection in a Nutshell
Disclaimer: The code and techniques provided in this blog are intended for educational purposes only. They are designed to help individuals…
Sep 7, 2024

Anatomy of IAT and EAT Hooking
Import Address Table (IAT) and Export Address Table (EAT) hooking are techniques used to modify the flow of execution in a Windows process…
Aug 20, 2024

Anatomy of an Anti-Debugging Malware
Anti-debugging is a technique used by Malware developers to shield their malware from analysts who might attempt to analyze it or…
Aug 15, 2024