While working on our team’s internal implant I wanted to implement the ability to execute .NET assemblies in memory. However, by far the most common way of doing this is spawning a new proces…| Team Hydra
I first encountered the concept of using direct system calls to bypass user-land API hooking a little more than a year ago when I read a blog post by Cornelis De Pla (@Cn33liz). It is an exce…
In ye old days, a [hacker, red teamer, penetration tester, motivated child] would compromise a host, use an exploit to elevate or laterally move, and then Mimikatz their way to glory (ok, maybe not…