Callback Function Techniques & Native Code Execution

Picture 1: Meterpreter payload detected in memory
Picture 2: AV bypassed and payload not detected in memory
Picture 3: Trend Micro bypassed
Picture 4: Trend Micro bypassed
Picture 5: Payload in memory detected by Bitdefender
Picture 6: This technique is not detected by ESET
Picture 7: This technique is not detected by ESET
Picture 8: This technique is not detected by Kaspersky
Picture 9: Callback technique not detected by Kaspersky Endpoint Security, but Meterpreter payload detected in memory
Picture 10: This technique and payload not detected by Kaspersky Endpoint Security


Security Researcher, Pentester

Damon Mohammadbagher
