Forwarded from AVN COMMUNITY 🪬
🔖 Windows API Function Cheatsheets
0. Process Enumeration Code
1. DLL Injection
2. PE Injection
3. Reflective Injection
4. APC Injection
5. Process Hollowing (Process Replacement)
6. AtomBombing
7. Process Doppelgänging
8. Process Herpaderping
9. Hooking Injection
10. Extra Windows Memory Injection
11. Propagate Injection
12. Heap Spray
13. Thread Execution Hijacking
14. Module Stomping
15. IAT Hooking
16. Inline Hooking
17. Debugger Injection
18. COM Hijacking
19. Phantom DLL Hollowing
20. PROPagate
21. Early Bird Injection
22. Shim-based Injection
23. Mapping Injection
24. KnownDlls Cache Poisoning
----->
Github: Link
#Cheatsheets
0. Process Enumeration Code
1. DLL Injection
2. PE Injection
3. Reflective Injection
4. APC Injection
5. Process Hollowing (Process Replacement)
6. AtomBombing
7. Process Doppelgänging
8. Process Herpaderping
9. Hooking Injection
10. Extra Windows Memory Injection
11. Propagate Injection
12. Heap Spray
13. Thread Execution Hijacking
14. Module Stomping
15. IAT Hooking
16. Inline Hooking
17. Debugger Injection
18. COM Hijacking
19. Phantom DLL Hollowing
20. PROPagate
21. Early Bird Injection
22. Shim-based Injection
23. Mapping Injection
24. KnownDlls Cache Poisoning
----->
Github: Link
#Cheatsheets
GitHub
GitHub - 7etsuo/windows-api-function-cheatsheets: A reference of Windows API function calls, including functions for file operations…
A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization,...
🔥1
Forwarded from /mdre/
Guys if you like my posts, please don't mind to share them, it will help channel grow :)
Bypassing Windows Defender antivirus in 2025. Using Direct Syscalls and XOR encryption.
https://www.hackmosphere.fr/bypass-windows-defender-antivirus-2025-part-1/
https://www.hackmosphere.fr/bypass-windows-defender-antivirus-2025-part-2/
https://www.hackmosphere.fr/bypass-windows-defender-antivirus-2025-part-1/
https://www.hackmosphere.fr/bypass-windows-defender-antivirus-2025-part-2/
Hackmosphere
Windows Defender antivirus bypass in 2025 - part 1
Discover how antivirus works and how to setup a lab for (Windows Defender) antivirus bypass. Basic code is provided to start experimenting !
👍1
Exploiting Qualcomm based Android phones (slides)
"GPUAF - Two ways of Rooting All Qualcomm based Android phones"
https://powerofcommunity.net/poc2024/Pan%20Zhenpeng%20&%20Jheng%20Bing%20Jhong,%20GPUAF%20-%20Two%20ways%20of%20rooting%20All%20Qualcomm%20based%20Android%20phones.pdf
"GPUAF - Two ways of Rooting All Qualcomm based Android phones"
https://powerofcommunity.net/poc2024/Pan%20Zhenpeng%20&%20Jheng%20Bing%20Jhong,%20GPUAF%20-%20Two%20ways%20of%20rooting%20All%20Qualcomm%20based%20Android%20phones.pdf
🔥2
Forwarded from RME-DisCo @ UNIZAR [www.reversea.me]
Bypassing Windows Defender antivirus in 2025: Evasion Techniques Using Direct Syscalls and XOR Encryption – Part 1 #WindowsDefender #AntivirusBypass #Cybersecurity #Syscalls #XOREncryption https://www.hackmosphere.fr/bypass-windows-defender-antivirus-2025-part-1/
Hackmosphere
Windows Defender antivirus bypass in 2025 - part 1
Discover how antivirus works and how to setup a lab for (Windows Defender) antivirus bypass. Basic code is provided to start experimenting !
👍3
Bypassing Detections with Command-Line Obfuscation
#ArgFuscator
#Windows
#LinuxMACOS
https://www.wietzebeukema.nl/blog/bypassing-detections-with-command-line-obfuscation
#ArgFuscator
#Windows
#LinuxMACOS
https://www.wietzebeukema.nl/blog/bypassing-detections-with-command-line-obfuscation
www.wietzebeukema.nl
Bypassing Detections with Command-Line Obfuscation
Defensive tools like AVs and EDRs rely on command-line arguments for detecting malicious activity. This post demonstrates how command-line obfuscation, a shell-independent technique that exploits executables’ parsing “flaws”, can bypass such detections. It…
👍1
Forwarded from Sec Note
👍1