Damon Mohammadbagher

22 Followers

May 1, 2022

ETWPM2Monitor2.1 vs SysPM2Monitor2.7 & PoshC2 Server.

ETWPM2Monitor2.1 vs SysPM2Monitor2.7 & PoshC2 Server. ETWPM2Monitor2.1 against PoshC2. In Pic1 you can see the PoshC2 session detected by ETWPM2Monitor2.1 + ETW events; in this case the injector was Posh_v4_dropper_migrate_x64.exe (which creates a new process [netsh.exe], and the payload was injected into the netsh.exe process). In Pic2 you can see the target process was detected by ETWPM2Monitor2.1 via ETW events; you can see PoshC2…

3 min read

Apr 2, 2022

Dll Hollowing Attack vs ESET Endpoint AV & Kaspersky Endpoint Security

Dll Hollowing Attack vs ESET Endpoint AV / Kaspersky Endpoint Security. In this article you can see how some types of attack still work against some anti-viruses; in this case I want to talk about the (Dll Hollowing) attack, which was detected by Kaspersky Endpoint Security but the shellcode…

3 min read

Mar 18, 2022

Process Injection Techniques + (SysPM2Monitor2.7 Sysmon vs ETW ETWPM2Monitor2.1)

Process Injection Techniques + (SysPM2Monitor2.7 Sysmon vs ETW ETWPM2Monitor2.1). In this article I want to talk about Sysmon events vs ETW events + Remote Thread Injection or Process/Code Injection techniques, but in this case I want to work with Metasploit payloads (as always). I made two tools; the first is ETWPM2Monitor2 v2.1…

8 min read

Aug 13, 2021

ETWPM2Monitor2 & Remote-Thread-Injection Detection by ETW

ETWPM2Monitor2 & Remote-Thread-Injection Detection by ETW. In this article I want to talk about “Remote-Thread-Injection Detection by ETW”; also I want to talk about C# code like “ETWProcessMon2.exe & ETWPM2Monitor2”, which I made for monitoring ETW events for Remote-Thread-Injection detection, but the goal is talking/thinking about how one can use ETW…

7 min read

Apr 8, 2021

Call/Invoke Async C# Method via Callback Function APIs

Call/Invoke Async C# Method via Callback Function APIs. In this article I want to talk about “Callback Function APIs” with one “New C# Trick” (not really new for some C# devs ;D). Before that we should talk about callback functions, which are explained by Microsoft: “A callback function is code within…

3 min read

Apr 8, 2021

Callback Function Techniques & Native Code Execution

Callback Function Techniques & Native Code Execution. In this article I want to talk about “Callback Functions”, which is a very good technique to execute payload/code using the “CreateThread” API function; these techniques & C++ code were made by two security researchers (S4R1N & Chaitanya Haritash). Security researcher “S4R1N” said: “According…

5 min read

Jan 17, 2021

“Memhunter” vs “Sysmon v13.01” & Process Hollowing Technique

Process Hollowing is one of the top techniques used by advanced malware like “Duqu” and is still used by hackers & malware (it is still useful…). I had some simple tests for this technique with my own code & “Minjector” made by “Marcos Oviedo” (https://github.com/marcosd4h/memhunter); also I tested the new version of…

1 min read

Dec 28, 2020

Payload & Technique Detection

Payload & Technique Detection. In this article I want to talk about payload detection & technique detection, which is very important; it is not about Windows Defender AV, it is about almost all anti-viruses… As you can see in this case my simple code “NativePayload_TId.exe” in “Picture 1”, my code…

5 min read

Aug 18, 2020

Bypass all anti-viruses by Encrypted Payloads with C#

Bypass all anti-viruses by Encrypted Payloads with C#. Note: this article was published November 24, 2016. Some people asked me how you can bypass all AV anti-viruses. My answer is: very simple. But this is a secret technique and most pentesters or hackers never share it with other people. They have their reasons for that, like me, and…

5 min read

Aug 18, 2020

Transferring Backdoor Payloads with BSSID by Wireless Traffic

Transferring Backdoor Payloads with BSSID by Wireless Traffic. Note: this article was published March 5, 2017. In this article I want to talk about Wireless Access Points and BSSID (MAC address of the AP). We talked about ARP traffic in IPv4; now we should talk about something like that in wireless traffic, so this technique is something like the ARP technique in my…

11 min read
Security Researcher, Pentester