- Gatekeeping SysCalls
- Digging into PssCaptureSnapshot for LSASS Dumping
- SamAccountName Spoofing & Domain Controller Impersonation (CVE-2021-42287 & CVE-2021-42278)
- Log4j RCE (CVE-2021-44228)
- Bluffy: Convert shellcode into ✨ different ✨ formats!
- Identifying and Extracting the execute-assembly Reflective DLL
- Using SecureString to protect Malware
- Signing PE Files with PFX Certificates
- WinRM Reflective DLLs and Aggressor Scripts
- Greta: Windows Crypto, and Recursive Keying
- Exploring DLL Loads, Links, and Execution
- When Environmental Keying meets DPAPI
- Jumping to conclusions
- Deep Diving Process Injection
- Three ways of using MSBuild to beat CrowdStrike
- Instancing and multi-threaded Malware
- Dynamically resolving hashed-NTAPI Calls
- Cobalt Strike PowerShell Execution
- Common Language Runtime #3: Finalising the CLR Harness
- Common Language Runtime #2: In Memory Execution
- Common Language Runtime #1: An Introduction