Windows Evasion Low Level Api Techniques
Unleashing Advanced Evasion Techniques in Windows with Low-Level API Manipulation.
Maerih
JADX + AI Copilots: Smarter Droid Analysis
Hack smarter, crack deeper: Jadx + AI copilots redefine Android application (APK) security analysis like a goddess.
VBA Bazooka: Different Ways of Launching
Dissecting Advanced VBA Macro Execution Techniques.
Threadless Process Injection: Slipping In Silently
Executing malware using the target’s own threads.
JSFuck for Javascript Obfuscation
Write any JavaScript with 6 Characters.
Shopizer 2.16.0 - 'Multiple' Cross-Site Scripting (XSS)
A stored cross-site scripting (XSS) vulnerability in Shopizer before version 2.17.0 allows remote attackers to inject arbitrary web script or HTML via customer_name in various forms of store admini...
Agent Athena: Mythic C2 Communications Over Discord
Using Discord bot as a covert channel, Mythic C2’s Athena enables stealthy communication for red team command and control.
Hijacking ClickOnce
ClickOnce apps launch under the Deployment Service (dfsvc.exe), enabling attackers to proxy execution of malicious payloads through this trusted host.
Backdooring Existing MSIs
How attackers embed malicious binaries in legitimate Microsoft Windows Installation (.msi).
Crafting the Perfect Malleable C2 Profile for Cobalt Strike
Best way to craft a custom Malleable C2 profile in Cobalt Strike to evade detection and mimic legitimate network traffic.