🌀Voidgate
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page.
🔗 Source
https://github.com/vxCrypt0r/Voidgate
#av #edr #evasion #hwbp #cpp
⚙️ Remote Session Enumeration
The blog post explores how to enumerate remote user sessions on Windows using undocumented Windows APIs, specifically focusing on the implementation and usage of the WinStation API.
🔗 Research:
https://0xv1n.github.io/posts/sessionenumeration/
🔗 Source:
https://github.com/0xv1n/RemoteSessionEnum/blob/main/main.cpp
#windows #qwinsta #session #winapi #cpp