I just released an RCE PoC that abuses a “feature” of the Terraria mod tModLoader used to gain access to client machines since 2016. No signing or sandboxing mechanisms have been implemented yet. All versions are affected. github.com/s4mp0l/tModLoa…

I have added some APC Injection PoCs to my github: - Classic APC Injection - Early Bird APC Injection - NTAPI APC Injection Check it out: github.com/s4mp0l/Malware…

My malware repository has been updated: - Local/Remote Mapping Injection - String hashing via multiple hash functions - Shellcode execution via Callbacks github.com/s4mp0l/Malware…

New techniques were uploaded to my github: - Hooking: Trampoline, Inline and IAT Hooking. - PE Parser. - Payload Execution Control via Mutex. github.com/s4mp0l/Malware…

New PoCs in my repo. Check it out: - PPID / Argument Spoofing - Implementations with NtApis (Injections, Enumeration, Process Creation, etc...) - refactored code and restructured repo github.com/s4mp0l/Malware…

It's finally here, so cool. Thanks OffSec for this incredible experience. OSEE awaits.

Added some PoCs in my repo. Check it out: - Direct/Indirect Syscalls: Tartarus' Gate, Hell's Gate, Hell's Hall and Recycled Gate - NTDLL Unhooking: From Disk, From KnownDlls, From a Web Server, From a Suspended Process - API Hooking in ntdll.dll github.com/s4mp0l/Malware…