Offensive Security


WNF Chronicles I: Introduction

WNF is a Kernel component internally used to send notifications accross the system, which can be abused to achieve malicious goals.

AV Bypass Image

Bypassing Antivirus using Direct System Calls

In today's post we will talk about how most AV/EDRs detect malicious behaviours and a really interesting way to bypass them. PEzor is a tool developed by @phra which I have analyzed to understand how Direct System Calls can be...