-
Advanced MacroPack payloads: XLM Injection
How it is possible to inject and run Excel 4.0 macro in memory from a non Excel format payload (ex Word, HTA, Help files,...). How to generate using MacroPack...Continue reading →
18 September 2020 0 messages -
EXCEL 4.0 XLM macro in MacroPack Pro
Excel 4.0 macro (also called XLM) have been commonly used by malicious operators these last years, it has also been analyzed and commented by several researches (red or blue)....Continue reading →
18 September 2020 0 messages -
Bypass Defender and other thoughts on Unicode RTLO attacks
I have been looking a bit into Unicode and Right-To-Left-Override phishing attacks lately. Mainly because I noticed that Windows Defender was detecting payloads generated with...Continue reading →
25 May 2020 1 messages
-
Code Injection - Weaponize GhostWriting Injection
Lets talk about this code injection technique called GhostWriting that works by manipulating the register states of the target process thread. Continue reading →
2 September 2020 0 messages
Search
Most popular
1. VNC to access Kali Linux on Raspberry Pi
3. Yet another sdclt UAC bypass
4. Advanced MacroPack payloads: XLM Injection
5 random articles
1. Hide meterpreter shellcode in executable
2. Bypass Antivirus Dynamic Analysis
3. Linux security using a limited group (PAM modules)
4. Code Injection - Bypass start address protection
Sponsor
If you appreciate my work, you may help or reward with a contribution :)
