Snippet List

Technique Language Author Creation Date
Tamper DLL Export Names & GetProcAddress Spoofing C++ Alex Schwarz 1 day, 14 hours
DLL Search Order Hijacking C++ Sh0ckFR 2 weeks, 4 days
DLL Proxying C++ Sh0ckFR 2 weeks, 4 days
Change Module Base Address at Runtime C++ Alex Schwarz 3 weeks, 4 days
Change Module Name at Runtime C++ Alex Schwarz 3 weeks, 4 days
Windows Event Log Evasion via Native APIs C++ External 1 month, 2 weeks
RDTSC C++ External 1 month, 3 weeks
NtQueryObject C++ External 1 month, 3 weeks
CsrGetProcessID C++ External 1 month, 3 weeks
CloseHandle, NtClose C++ External 1 month, 3 weeks
Heap Flag C++ External 1 month, 3 weeks
GetTickCount C++ External 1 month, 3 weeks
GetLocalTime, GetSystemTime, timeGetTime, NtQueryPerformanceCounter C++ External 1 month, 3 weeks
Performing Code Checksum C++ External 1 month, 3 weeks
Unhandled Exception Filter C++ External 1 month, 3 weeks
Trap Flag C++ External 1 month, 3 weeks
INT 0x2D C++ External 1 month, 3 weeks
INT3 Instruction Scanning C++ External 1 month, 3 weeks
SuspendThread C++ External 1 month, 3 weeks
NlsCodeInjectionThroughRegistry C++ Unprotect 1 month, 3 weeks
Killing Windows Event Log C++ Unprotect 1 month, 3 weeks
APC injection C++ Unprotect 1 month, 3 weeks
Execution Guardrails: Environmental Keying C++ Unprotect 1 month, 3 weeks
IAT Hooking C++ Unprotect 1 month, 3 weeks
Shellcode Injection via CreateThreadpoolWait C++ Unprotect 1 month, 3 weeks
Reflective DLL injection C++ Unprotect 1 month, 3 weeks
Parent PID Spoofing C++ Unprotect 1 month, 3 weeks
PE Injection C++ Unprotect 1 month, 3 weeks
API Obfuscation C++ Unprotect 1 month, 3 weeks
ProcEnvInjection - Remote code injection by abusing process environment strings C++ Unprotect 2 months
Filter
Clear