SleepyCrypt: Encrypting a running PE image while it sleeps
SleepyCrypt: A shellcode function that encrypts the loaded image of a PE file when sleeping.
Offsec by day, offsec by night.
Writing a malicious driver to steal tokens from kernel mode.
Some notes on dropping payloads to disk.
A Review of the Sektor7 RED TEAM Operator: Windows Evasion Course
A Review of the Sektor7 RED TEAM Operator: Malware Development Intermediate Course