Custom API Hooking to Bypass Static Detection
Background Assembly.Load() has become very popular in offensive C# tooling in recent years. This method is quite easy to use to load […]
Exploiting AV for Privilege Escalation
AntiVirus (AV) products are still widely used on workstations and servers and provide a better level of protection against common malware. These […]
AMSI Memory Patching via Native API Calls
Overview AMSI (Antimalware Scan Interface) has been integrated into the .NET framework since version 4.8 and is used to automatically scan assemblies […]