WILL i AM🍌

34 Followers
30 Following
8 Posts
Red team consultant | Malware maker

Canadaland 🇨🇦
Twitter: https://twitter.com/bsummerz
GitHub: https://github.com/wsummerhill
Blog: https://wsummerhill.github.io

Encode shellcode into dictionary words using DictionShellcode! Easy way to avoid shellcode encryption/decryption for evasion and also reduce entropy of your payload.

Link: https://github.com/wsummerhill/DictionShellcode

Walkthrough of a DLL hijacking technique known as "DLL proxying" from start to finish. This technique hijacks execution of an EXE and proxies exported functions from the crafted malicious DLL to a legitimate DLL on disk.

This example uses MsMpEng.exe (WinDefender) with the hijacked DLL mpclient.dll

Link: https://wsummerhill.github.io/redteam/2022/10/02/DLL-sideloading.html
#dllhijack #redteam #malware

Malware Development: DLL Sideloading Exploit via ‘DLL Proxying’

I’m going to cover an example of how to perform a DLL sideload from start to finish using a C++ payload and a legitimate DLL commonly found on disk. The specific technique covered is known as “DLL proxying”, where we use the legitimate DLL along with a malicious DLL which exports all the functions of the legit DLL in order to execute properly.

Will Summerhill
Hello, infosec Mastodon world!