Posts

Obolos: Building a Polymorphic Syscall Engine with Full Stack Spoofing

Deep dive into the architecture of a custom syscall engine combining indirect syscalls, extended …

red teaming windows security edr evasion

Doppelganger: Cloning and Dumping LSASS to Evade Detection

Technique for cloning and dumping LSASS to evade detection using RTCore64.sys, NtCreateProcessEx and …

red teaming windows security Detection bypass