Executing Shellcode with ReadDirectoryChanges’s Hidden Callback 文章介绍了一种利用Windows API `ReadDirectoryChanges` 的异步回调机制来注入和执行恶意代码的方法。通过将shellcode嵌入可执行文件并注册为回调函数，在特定文件操作触发时，内核会调用该shellcode在主线程中执行，实现隐蔽攻击。... 2025-9-25 21:4:18 | 阅读: 11 | 收藏 | ????Blog of Osanda - osandamalith.com shellcode overlapped hdir

Encrypting Shellcode using SystemFunction032/033 After a while, I’m publishing a blog post which made me interested. With the recent tweets a... 2022-11-11 06:50:7 | 阅读: 329 | 收藏 | osandamalith.com shellcode 0x8b puchar

Executing Shellcode via Callbacks In simple terms, it’s a function that is called through a function pointer. When we pass a... 2021-04-01 09:27:16 | 阅读: 88 | 收藏 | osandamalith.com shellcode oldprotect windows 0377400434

Hacking the World with HTML 123456789101112131415161718192021222324252627282930313233343536373839404142434... 2020-07-20 06:01:11 | 阅读: 44 | 收藏 | osandamalith.com newfilename payload rdonly buff

Exploring the MS-DOS Stub A long time ago when I got my first computer, I accidentally opened a 32-bit demo with a nic... 2020-07-20 01:23:46 | 阅读: 80 | 收藏 | osandamalith.com lfanew cx bh paragraphs mz

My Journey into eCXD – eLearnSecurity Certified eXploit Developer I first want to thank eLearnSecurity for creating such a course on this topic of exploit d... 2020-06-25 21:10:56 | 阅读: 84 | 收藏 | osandamalith.com windows shellcode explains bypass internals

WMI 101 for Pentesters PowerShell has gained popularity with SysAdmins and for good reason. It’s on every Windows m... 2020-02-27 00:07:26 | 阅读: 39 | 收藏 | osandamalith.com reverse osanda security researching

Alternatives to Extract Tables and Columns from MySQL and MariaDB I’ve previously published a post on extracting table names when /or/i was filtered which lea... 2020-01-28 07:48:31 | 阅读: 45 | 收藏 | osandamalith.com security winx64 referers uagents database

Bypassing the WebARX Web Application Firewall (WAF) WebARX is a web application firewall where you can protect your website from malicious attac... 2019-10-13 07:16:32 | 阅读: 56 | 收藏 | osandamalith.com whitelist webarx bypassed payload detects

WQL Injection Generally in application security, the user input must be sanitized. When it comes to SQL in... 2019-10-07 06:59:49 | 阅读: 58 | 收藏 | osandamalith.com wql vret hres sanitized wbem

Unloading the Sysmon Minifilter Driver The binary fltMC.exe is used to manage minifilter drivers. You can easily load and unload mi... 2019-09-22 23:51:04 | 阅读: 72 | 收藏 | osandamalith.com unload minifilter

MiniDumpWriteDump via Faultrep!CreateMinidump I found out this old undocumented API “CreateMinidumpW” inside the faultrep.dll on Windows X... 2019-09-09 06:18:18 | 阅读: 71 | 收藏 | osandamalith.com windows faultrep

Running Shellcode Directly in C Here’s a cool thing I figured out in position-independent code. I would rephrase the title a... 2019-08-28 04:15:38 | 阅读: 55 | 收藏 | osandamalith.com x8b x90 xc7 x89 x7a