Office 365 AMSI Bypass (fixed)
Microsfot fixed their detection logic, so this doesn’t work anymore.
Recent posts
Beating Windows Defender. Analysis of Metasploit’s new evasion modules.
A research on why the new defender evasion modules fail to evade
Linux enumeration with read access only
When attackers have arbitrary file read access to a Linux machine, they can leverage the /proc filesystem for enumeration
Basics of Windows shellcode writing
A second look at the arcane art of shellcode writing
Analysis of a Trojan downloader
Malware analysis of a trojan downloader
Petya/NotPetya Ransomware Analysis
Analysis of the Petya/NotPetya ransomware.
HTTP Steganography PoC
A PoC for hiding data in HTTP headers.
Basic Reverse Engineering (writeup) - Part 0x02
Cmubomb challenge writeup from the Modern Binary Exploitation course.
Basic Reverse Engineering (writeup) - Part 0x01
Bomb challenge writeup from the Modern Binary Exploitation course.
Basic Reverse Engineering (writeup) - Part 0x00
Crackme challenges writeup from the Modern Binary Exploitation course.