undev.ninja

offense

A collection of 3 posts
kernel Featured

Sysmon Internals - From File Delete Event to Kernel Code Execution

Sysmon File Delete Event Internals and Kernel Code Execution
Oct 2, 2020 22 min read
anti-forensics

Sysmon Image File Name Evasion

Abusing a bug in Sysmon's driver to fake source processes' image file names.
Jun 17, 2020 8 min read
offense

NINA: x64 Process Injection

NINA: No Injection, No Allocation x64 Process Injection Technique.
Jun 4, 2020 12 min read
undev.ninja © 2023