In my early days of malware development and penetration testing, like everybody else, I started by injecting malicious shellcode into the memory of a victim PC to gain access over the C2 server using a popular pen-testing tool called the Metasploit Framework console. The MSF console is a very useful tool for advanced penetration testing if used properly.
Blogs 22.Sep.2023
It was CVE-2020-40444, an MSHTML remote code execution vulnerability, and its attack cycle included Microsoft Word as a victim process that initiates the attack
Blogs 04.Oct.2023
On-Disk Detection: Bypass AVs/EDRs using syscalls with legacy instruction, series of instructions and random NOP instructions
Blogs 13.Apr.2023
Shellcode injection is one of the most used defence evasion techniques because the shellcode is injected into volatile memory; therefore, there are no traces left of any exploitation.
Blogs 13.Apr.2023