Learning security

This section contains articles concerning practical computer security. Some articles are just tutorials you can follow and others look more like research article. Unless stated, all articles should be understandable to advance computer users. Some article are more simple than that. When an article requires a any kind of good knowledge or other prerequisite, it is specified inside a note at the beginning of the article.
Every other detail you should know about the article (like the license) is specified inside a note at the beginning of the article.


Nb : This site is open and its goal is to share, you never have to login to post a message or a comment. However, in order to respect others, do not post any advertising, any illegal or irrelevant message. The sevagas team reserves the right to remove any message or comments without any warning.

The last articles

MSDT DLL Hijack UAC bypass
Published on 2 February 2022
by Emeric Nasi

Note: This post requires some basic knowledge about Windows security and SysInternals toolsuit.

License : Copyright Emeric Nasi, some rights reserved

This work is licensed under a Creative Commons Attribution 4.0 International License.

1. Introduction

At the end of my talk at (...)

Hide HTA window for RedTeam
Published on 15 July 2021
by Emeric Nasi

License : Copyright Emeric Nasi (@EmericNasi), some rights reserved

This work is licensed under a Creative Commons Attribution 4.0 International License.

About

I wrote this short post to explain how to create a stealthy HTA file that launches without any window or taskbar mention. (...)

Code Injection - Weaponize GhostWriting Injection
Published on 2 September 2020
by Emeric Nasi

Prerequisites: This document requires some knowledge about Windows system programming. Also, it is mandatory to be familiar with concepts presented in Code injection series part 1.

License : Copyright Emeric Nasi (@EmericNasi), some rights reserved

This work is licensed under a Creative (...)

Bypass Defender and other thoughts on Unicode RTLO attacks
Published on 25 May 2020
by Emeric Nasi

License : Copyright Emeric Nasi (@EmericNasi), some rights reserved

This work is licensed under a Creative Commons Attribution 4.0 International License.

I. About

I have been looking a bit into Unicode and Right-To-Left-Override phishing attacks lately. Mainly because I noticed that (...)

Code Injection - Disable Dynamic Code Mitigation (ACG)
Published on 1 December 2019
by Emeric Nasi

Prerequisites: This document requires some knowledge about Windows system programming. Also, it is mandatory to be familiar with concepts presented in Code injection series part 1 and 2.

License : Copyright Emeric Nasi (@EmericNasi), some rights reserved

This work is licensed under a (...)