Okay so depending on your perspective of profit, this may or may yield some. I’ll build working, non-working, ‘secure’ and vulnerable applications for various platforms to help further understand the fundamentals and inner workings. So for me, building a vulnerable app to hack it gives me profit in the form of knowledge. If you have…
Introduction In the past when writing/using little implants and agents, a blocker seems to be embedding shellcode. Shellcode that has malicious intent and is designed to give us a shell or execute some form of ‘dangerous’ process has likely been caught in the past, signatured and had the word spread to AV vendors. For that…
First Steps As the title states, this post will focus primarily around some obfuscation steps I am taking for my generated source code. All templates and code blobs that are used and merged together through the entire process are clear text, commented, very human readable and have obviously named functions and variables. I was doing…
Introduction In the previous post, I briefly introduced my new side project, ‘meh’. This loosely detailed the idea, the current state of the tool and the next steps I was planning. Since then, I have implemented a collection of new features, slowly ticking away at the previous ’next steps’ list, as well as refactoring some…
Introduction Meh (‘Moderate Efficiency Helper’) is a tool I started recently that combines a bunch of things I love, all into one. In short, meh helps randomly generate and compile binaries that can help get malicious payloads, and tools, past detection systems. The current list of things I love that this tool is helping cover:…
Quick Note At the time of writing this (a month ago, I’m terribly slow at posting stuff), I had received my email from OffSec and been told that I had passed my OSCE. Everything I learnt during my preparation had helped massively with the exam so I thought I would continue writing up my work…
Introduction I am currently working through my OSCE prep material that I have gathered over the past few months, mainly generated after reading reviews and talking to friends who have taken the course. Without giving away any spoilers or specific information about the labs or the exam, I was able to highlight some key areas…
Introduction It was a cold Sunday evening, and I was doing nothing but afk’ing cannonballs on OSRS (shout out to @TimGMichaud) when I had an urge to make something. I was thinking about a conversation I had on Friday with Sion (fellow colleague/hacker friend) about methods of dropping malware, communicating with C2’s, how implants go…