From URL to Execution: Assembling a Payload Entirely In-Memory

If you’re new to malware development (maldev), the sheer complexity can be overwhelming. How do you even begin to understand something as advanced as in-memory execution? The answer is simple: you break it down. This post is the culmination of my first major milestone: combining five core sub-projects into a single, functional loader that downloads …

WinAPI Shellcode Loader for AV Bypass

Introduction In this post, I demonstrate how to write a simple in-memory shellcode loader using the Windows API. The loader reads an XOR-encrypted reverse shell payload from disk, decrypts it in memory, and executes it — avoiding detection from basic signature-based AV. Tools Used Code Sections XOR Encryption Script (Python) C Loader Code Explanation Break …