Utilizing Cobalt Strike’s in-memory C capabilities to inject a Beacon implant into a remote process without spawning a remote thread on 64-bit systems.
Taking a look at Microsoft’s new forward-edge CFI solution: Xtended Flow Guard
In part two, we walk through the many exploit mitigations that Microsoft has put in place - include Page Table Randomization, Arbitrary Code Guard, and CET.
This two-part series explores the evolution of exploit development and vulnerability research on Windows - beginning with types and legacy mitigation techniq...
Gaining code execution with WriteProcessMemory() via ROP and outlining the occasional need for Call-Oriented Programming.