Malicious LNK files.
All about cron persistence
Installing OLE Tools on Windows
This is my review of the RED TEAM Operator: Privilege Escalation in Windows course offered by SEKTOR7 Institute. As an affiliate, I make money with qualifying purchases. RED TEAM Operator: Privilege Escalation in Windows is a brief introduction to the subject. As with other offerings by SEKTOR7, this course expects that you know the basics of …
REVIEW: RED TEAM Operator: Malware Development Intermediate Course by SEKTOR7 Institute.
REVIEW: RED TEAM Operator: Windows Evasion Course by SEKTOR7 Institute.
Enumerate modules with CreateToolhelp32Snapshot.
Quick and dirty example of process enumeration using CreateToolhelp32Snapshot
Quick example of using WTSEnumerateProcesses to enumerate processes running on a Windows machine.
Find malware running from temporary directories using procfs.
Find masquerading processes using procfs.
Using procfs For Forensics and Incident Response.