Abusing Accessibility Features as a persistence mechanism.
Malicious LNK files.
Some notes on finding malicious Scheduled Tasks.
I was writing some PowerShell scripts to scan disks for certain types of malware and realized that Get-ChildItem was kind of slow. I googled around and found this site which demonstrated using robocopy.exe and dir as faster alternatives to Get-ChildItem. Here were the results I had searching for LNK files on my disk using both …
Installing OLE Tools on Windows
This is my review of the RED TEAM Operator: Privilege Escalation in Windows course offered by SEKTOR7 Institute. As an affiliate, I make money with qualifying purchases. RED TEAM Operator: Privilege Escalation in Windows is a brief introduction to the subject. As with other offerings by SEKTOR7, this course expects that you know the basics of …
Remove carriage return, Control-M (^M) Characters with Emacs.
REVIEW: RED TEAM Operator: Malware Development Intermediate Course by SEKTOR7 Institute.
REVIEW: RED TEAM Operator: Windows Evasion Course by SEKTOR7 Institute.
Enumerate modules with CreateToolhelp32Snapshot.
Quick and dirty example of process enumeration using CreateToolhelp32Snapshot
Quick example of using WTSEnumerateProcesses to enumerate processes running on a Windows machine.