Win32 APIs, also referred to as Windows API or Win API by Microsoft, provide developers with an interface with the Windows operating system. They act

Process Injection Process injection is an advanced penetration testing technique used by experienced penetration testers to introduce malicious code into non-malicious processes, infiltrating stealthily without

Endpoint Detection and Response (EDR) solutions are essential for monitoring and responding to security incidents on endpoints. These solutions employ various techniques to identify malicious

In today’s digital landscape, protecting our systems from malicious threats is of utmost importance. Antivirus software plays a significant role in defending against various forms

Havoc C2 has quickly become one of many peoples’ favorite open-source C2s. Its features offer everything you need to complete a pen test or red

Command and Control (C2) frameworks have emerged as a sophisticated and consequential dimension in the ever-evolving cybersecurity landscape. These frameworks are commonly employed by threat

In the ever-evolving world of cybersecurity, staying one step ahead of malicious actors is crucial. Command and control (C2) frameworks play a vital role in

In this blog, we will look at a variation of a real-world attack path to escalate our privileges from a compromised Application Administrator account in

What is UAC? UAC (User Account Control) is a windows security feature that forces any new process to run in non-elevated mode by default. Any

What is Phishing? Phishing is a social engineering attack used to obtain user information such as login credentials and credit card information. It happens when

In Part 1 of our Antivirus Evasion series, we managed to get a meterpreter reverse shell while evading Windows Defender by writing an .exe file

Antivirus Evasion in general use signature-based and heuristics-based malware detection mechanisms. In this blog, we will learn and test some techniques to try and bypass