Ich versuche regelmäßig technische Trainings zu absolvieren, um neuen Input für meine Arbeit zu erhalten. Daher habe ich in den vergangenen Monaten weitere Trainings absolviert und entsprechend Zertifizierungen erworben: Hands on Hacking by HackerHouse (Link)Certified...
As promised on Twitter here is my OSCE review. You can read my time line from before course enrolling until the end of the exam here. So, let’s go. Stage_0: Preparation just before enrolling! First, I read a ton of other reviews to get an idea about the course...
The last post for my SLAE certification is about encryption of shellcode. As usual you can find all my files on github. Nothing special in place. Pick your favourit Shellcode Use my custom AES encrypter Insert the encrypted Shellcode and secret AES key into the...
This task (pick up 3 shellcodes from Shell-Storm and use polymorphism to beat pattern matching) sounds really sophisticated but you will see it’s a very handy way for AV evasion for your shellcode. Check my github account for the files. We have to pick three...
Got time to read? This tasks was a bigger one. We have to pick 3 random metasploit payloads and analyze their shellcode. After building bind and reverse shell in the first two posts i choosed the following (check all files on my github account): Exec whoami Readfile...
Hey ho, it’s time for some low-level shellcode encoding. After going through the encoder examples of the SLAE material i build a custom one, which you can find here. At first i wrote a little python script which takes every single byte of a given shellcode and...
