Malware on Steroids – Part 2: Evading Antivirus in a Simulated Organizational Environment

In the previous post, we wrote a simple CMD Reverse Shell over TCP. However, in a real-life scenario, things would be pretty different. In this post, we will be focusing … Continue reading “Malware on Steroids – Part 2: Evading Antivirus in a Simulated Organizational Environment”

Malware on Steroids – Part 1: Simple CMD Reverse Shell

The Prologue If you haven’t watched the videos yet, here are my links to both the antivirus evasions I performed: 1. Windows Cloud ML Defender Evasion 2. Kaspersky AV Evasion … Continue reading “Malware on Steroids – Part 1: Simple CMD Reverse Shell”

Active Directory Penetration Dojo- Setup of AD Penetration Lab : Part 2

The Prologue Hi everyone, Welcome to the second part of the setup series on Pentest lab in AD environment. I hope your basic concepts about AD and Domain Controller are … Continue reading “Active Directory Penetration Dojo- Setup of AD Penetration Lab : Part 2”

Microsoft PowerPoint’s Funny Read-only Protection Bypass

The Prologue @paranoidninja created a PPT file in Microsoft Windows PowerPoint 2016 for his presentation on Botnet Development at Defcon 9111. And decided to upload the file on our website … Continue reading “Microsoft PowerPoint’s Funny Read-only Protection Bypass”

Active Directory Penetration Dojo – Setup of AD Penetration Lab : Part 1

The Prologue Hello everyone, Welcome to the series of Active Directory Penetration Dojo. This series is for people who’ve used Windows but haven’t worked on Active Directory. This blog will … Continue reading “Active Directory Penetration Dojo – Setup of AD Penetration Lab : Part 1”

Ground Zero: Part 2-3 – Reverse Engineering – Building Cracked Binaries – Windows x64

Prologue In the previous post, we saw how to extract cleartext and encrypted passwords by reverse engineering the binaries which stored the passwords in memory or within the binary itself. … Continue reading “Ground Zero: Part 2-3 – Reverse Engineering – Building Cracked Binaries – Windows x64”

Ground Zero: Part 2-2 – Reverse Engineering – XOR encryption – Windows x64

Prologue In the previous blogpost, we reverse engineered a binary and extracted the password from within it. This binary however contained a plaintext password. This was good to start for … Continue reading “Ground Zero: Part 2-2 – Reverse Engineering – XOR encryption – Windows x64”

Ground Zero: Part 2 – Reverse Engineering Basics – Windows x64

Prologue In the previous blog i.e. part 1, we reverse engineered a simple binary containing plaintext password in Linux with the help of GNU Debugger (GDB). In this blog however, … Continue reading “Ground Zero: Part 2 – Reverse Engineering Basics – Windows x64”