Malware on Steroids Part 4: Defender and Symantec Endpoint Protection Evasion

So, this blog is just going to be a rant about the comments on Twitter that I was facing for Windows Defender and Symantec Endpoint Protection Evasion. You can …

Malware on Steroids Part 3: Machine Learning & Sandbox Evasion

It’s been a busy month for me and I was not able to save time to write the final part of the series on Malware Development. But I am receiving …

Malware on Steroids – Part 2: Evading Antivirus in a Simulated Organizational Environment

In the previous post, we wrote a simple CMD Reverse Shell over TCP. However, in a real-life scenario, things would be pretty different. In this post, we will be focusing …

Malware on Steroids – Part 1: Simple CMD Reverse Shell

The Prologue If you haven’t watched the videos yet, here are my links to both the antivirus evasions I performed: 1. Windows Cloud ML Defender Evasion 2. Kaspersky AV Evasion …

Ground Zero: Part 1-2 – Reverse Engineering Password Protected Reverse Shells – Linux x64

Prologue It’s been a long time since I posted any of my blogs. What can I say, I was a bit busy with some of the office projects. But finally …

Ground Zero: Part 2-3 – Reverse Engineering – Building Cracked Binaries – Windows x64

Prologue In the previous post, we saw how to extract cleartext and encrypted passwords by reverse engineering the binaries which stored the passwords in memory or within the binary itself. …

Ground Zero: Part 2-2 – Reverse Engineering – XOR encryption – Windows x64

Prologue In the previous blogpost, we reverse engineered a binary and extracted the password from within it. This binary however contained a plaintext password. This was good to start for …

Ground Zero: Part 2 – Reverse Engineering Basics – Windows x64

Prologue In the previous blog i.e. part 1, we reverse engineered a simple binary containing plaintext password in Linux with the help of GNU Debugger (GDB). In this blog however, …