• Security tools
    • MacroPack
    • Glyptodon
      • Suggestions
      • Download
  • Links
  • Learning security
    • The human factor
    • Operating Systems
      • Windows
        • Code injection series
      • GNU Linux
    • Networks
      • Local Area Network
      • Firewalls, IDS, IPS
    • Miscellaneous
    • Malwares
    • Applications
      • Web applications
      • Java
  • Exploits
  • About us
  • Launch shellcodes and bypass Antivirus using MacroPack Pro VBA payloads

    If you have ever been frustrated with manually writing Office/VBS payloads that ends up being detected by antivirus read this post! MacroPack Pro provides multiple options and templates related... Continue reading →

    D 21 January 2021     A Emeric Nasi     C 0 messages

1 | 2 | 3

  • Advanced MacroPack payloads: XLM Injection

    How it is possible to inject and run Excel 4.0 macro in memory from a non Excel format payload (ex Word, HTA, Help files,...). How to generate using MacroPack...
    Continue reading →
    D 18 September 2020     A Emeric Nasi     C 0 messages
  • EXCEL 4.0 XLM macro in MacroPack Pro

    Excel 4.0 macro (also called XLM) have been commonly used by malicious operators these last years, it has also been analyzed and commented by several researches (red or blue)....
    Continue reading →
    D 18 September 2020     A Emeric Nasi     C 0 messages
  • Code Injection - Weaponize GhostWriting Injection

    Lets talk about this code injection technique called GhostWriting that works by manipulating the register states of the target process...
    Continue reading →
    D 2 September 2020     A Emeric Nasi     C 0 messages

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | ... | 20

Search


Most popular

1.  VNC to access Kali Linux on Raspberry Pi

2.  Advanced MacroPack payloads: XLM Injection

3.  Bypass Defender and other thoughts on Unicode RTLO attacks

4.  Yet another sdclt UAC bypass

5.  Hacking around HTA files


5 random articles

1.  Glyptodon-1.2-b

2.  Modify any Java class field using reflection.

3.  Iptables firewall versus nmap and hping3

4.  Code Injection - Disable Dynamic Code Mitigation (ACG)

5.  TVT DVR/CCTV webshell exploit


Sponsor

If you appreciate my work, you may help or reward with a contribution :)

  • ->  Paypal donation

Most recent articles
  • 1 September 2019 – Code Injection - Process PE Injection Basics
  • 24 February 2019 – Bypass Windows Defender Attack Surface Reduction
  • 23 January 2019 – Yet another sdclt UAC bypass
  • 23 June 2018 – Advanced USB key phishing
  • 7 February 2018 – Hacking around HTA files
  • 20 July 2017 – Digging passwords in Linux swap
  • 2 January 2017 – XSS : Get string without quote
  • 15 December 2016 – TVT DVR/CCTV webshell exploit

1 | 2 | 3 | 4 | 5

Recent comments
  • July 2020, tim :
    « Did you import any librarys in the python script as mine doesnt appear to (...) »
  • April 2020, Nanyo :
    « After spending a while to get everything to compile the injected code (...) »
  • February 2020, ajay :
    « In the code segment for stub at line 38, the realmain() function call is (...) »
  • August 2019, Emeric Nasi :
    « Hi, I am currently writing a new series of post on injection including a (...) »

1 | 2 | 3 | 4 | 5

Latest news
Tweets by EmericNasi

2010-2021 Sevagas
Archives | Log in | Contact

RSS 2.0 twitter linkedin facebook