The Prologue This is my reposting of the blog series I wrote here at ScriptDotSh If you haven’t watched the videos yet, here are my links to both the antivirus evasions I performed: 1. Windows Cloud ML Defender Evasion 2. Kaspersky AV Evasion Besides the above two, I was also able to evade the Symantec […]

Introduction Host header injections have been around for a while now, and sometimes the developer just does not know how to get rid of them! Configuring virtual hosts, adding host verification codes to redirection pages, etc. All of this can be time-consuming or stressful for some! So, I will be explaining a simple technique that […]

What is Remote Desktop Protocol (RDP) Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to connect to another computer over a network connection. The user employs RDP client software for this purpose, while the other computer must run the RDP server software. Everyone who […]

This post discusses the creation of an executable which spawns a reverse Meterpreter shell. All the tools used in this post are publicly available. In the process, I will explain bypass of an IPS (Intrusion Prevention System) that detects staged Meterpreter connection, even if it is on HTTPS! Note that this post does not cover […]

Attack is the secret of defense; defense is the planning of an attack. – Sun Tzu, The Art of War Ransomware have gained much notoriety in recent times. Locky, Wannacary, Petya and others have largely contributed to making ransomware attacks mainstream knowledge. However, in-spite of such heightened awareness about the prevalence of ransomware, many employees […]

The Scope Recently, we conducted a red team assessment for a large enterprise client where the scenarios allowed were to either use the hardened laptop of the client or to try and connect our own laptop to the network (though they did have a Network Access Control system in place). This blog posts lists out […]

Prologue In the previous blogpost, we reverse engineered a binary and extracted the password from within it. This binary however contained a plaintext password. This was good to start for beginners, but you won’t really find such types of binaries in today’s world. In real life, passwords are mostly obfuscated or encrypted. Most of the […]

As you might already be aware that ARM powers a variety of low-powered devices around us, including but not limited to, phones, routers, IoT devices, etc. Therefore, it is only logical to dig into this architecture and understand how it differs from x86 and x64 architectures. For this blog post, we will focus on 64bit […]

Prologue In the previous blog here, we reverse engineered a simple binary containing plaintext password in Linux with the help of GNU Debugger (GDB). In this blog however, we will be using the same source code of the binary but compile and debug it in Windows. Reverse engineering tools in Windows are highly different from […]

Prologue The main focus of this blog is to give a push start to the beginners to get in the field of reverse engineering. Since this is the age of x64, I have skipped x86 architecture and will solely be focusing on x64 assembly. However, all the examples that will be written in C++ can […]