Exfiltrating data from restricted networks
A few days back I asked myself a question. How can I exfiltrate data from super restricted networks. Networks which allow only a certain…
Ciph3r · 1 min read · Nov 23, 2022

Unpacking an ASProtect malware
I came across a malware when I was browsing any.run. I thought I would give it a try to reverse it, so I downloaded the sample and started…
Ciph3r · 3 min read · Apr 18, 2022

Persistence using unconventional methods
In this post I will write about achieving persistence using some unconventional methods. These methods do not use any registry key and…
Ciph3r · 2 min read · Apr 9, 2022

Static Analysis of Hancitor malware - Part 1
This will be a line by line static analysis of the Hancitor malware. I will be using Ghidra and IDA. I am using Ghidra because I don't…
Ciph3r · 4 min read · Nov 18, 2021

Backdooring Windows ISO
I have a passion for backdooring things. So this time after backdooring Linux ISO files I tried to backdoor Windows ISO files. Adding…
Ciph3r · 3 min read · Sep 28, 2021

Hacking Discord to get code execution
I found this bug a while ago. This bug requires initial access. It's great for post exploitation. Discord keeps a SQLite database called…
Ciph3r · 2 min read · Aug 15, 2021

How to extract shellcode from memory?
Malware will sometimes run shellcode directly in memory. The common method to do that is first use VirtualAlloc to allocate memory with…
Ciph3r · 2 min read · Jul 31, 2021

Exfiltrating data using beacon frames
Beacon frame: Here is the Wikipedia definition. Beacon frame is one of the management frames in IEEE 802.11 based WLANs. It contains all…
Ciph3r · 1 min read · Jun 1, 2021

Analysing the Emotet maldoc
I have been analysing maldocs for a few days. I analysed two variants of Emotet but I will write about only one variant. This will be a…
Ciph3r · 3 min read · Mar 14, 2021