Damon Mohammadbagher | ETWPM2Monitor2.1 vs SysPM2Monitor2.7 & PoshC2 Server. | 3 min read · May 1, 2022
Damon Mohammadbagher | Dll Hollowing Attack vs ESET Endpoint AV & Kaspersky Endpoint Security | 3 min read · Apr 2, 2022
Damon Mohammadbagher | Process Injection Techniques + (SysPM2Monitor2.7 Sysmon vs ETW ETWPM2Monitor2.1) | 8 min read · Mar 18, 2022
Damon Mohammadbagher | ETWPM2Monitor2 & Remote-Thread-Injection Detection by ETW | 7 min read · Aug 13, 2021
Damon Mohammadbagher | Call/Invoke Async C# Method via Callback Function APIs | 3 min read · Apr 8, 2021
Damon Mohammadbagher | Callback Function Techniques & Native Code Execution | 5 min read · Apr 8, 2021
Damon Mohammadbagher | “Memhunter” vs “Sysmon v13.01” & Process Hollowing Technique | Process Hollowing is one of the top techniques which is used by Advanced Malware like “Duqu” and is still used by Hackers & Malwares (still is… | 1 min read · Jan 17, 2021
Damon Mohammadbagher | Payload & Technique Detection | 5 min read · Dec 28, 2020
Damon Mohammadbagher | Bypass all anti-viruses by Encrypted Payloads with C# | 5 min read · Aug 18, 2020
Damon Mohammadbagher | Transferring Backdoor Payloads with BSSID by Wireless Traffic | 11 min read · Aug 18, 2020