- GetEnvironmentVariable as an alternative to WriteProcessMemory in process injections https://x-c3ll.github.io/posts/getenvironmentvariable-process-injection/ 4 comments netsec
- Tunneling traffic through MySQL service (or your mysqld is my new SOCKS5) https://x-c3ll.github.io/posts/pivoting-mysql-proxy/ 3 comments netsec
- Isolating the logic of an encrypted protocol with LIEF and kaitai https://x-c3ll.github.io/posts/blackbox-lief-kaitai/ 3 comments netsec
- Building C&Cs with DNS communication in few minutes https://x-c3ll.github.io/posts/dns-endpoint-exfiltration/ 6 comments netsec
- Beyond pty.spawn - use pseudoterminals in your reverse shells (DNScat2 example) https://x-c3ll.github.io/posts/forkpty-dnscat2/ 10 comments netsec
- Parasiting web server process with webshells in permissive environments https://x-c3ll.github.io/posts/parasite-web-server-process/ 5 comments netsec
- Loading "fileless" Shared Objects (memfd_create + dlopen) https://x-c3ll.github.io/posts/fileless-memfd_create/ 4 comments netsec