Windows Internal Cobalt Strike Process Injection Discussing the various methods that Cobalt Strike uses to perform process injection.
Penetration Test From Default Printer Credentials to Domain Admin The tail of a Xerox pass-back-attack. How to exploit trust relationships between devices that are generally considered benign.
Windows Internal Dynamically Retrieving System Call (syscall) Leveraging PTEs Locate instantiated PTE by leaking the base address and dynamically using read primitive to retrieve the syscall id.
Windows Internal Direct System Call (syscall) Process Injection to Avoid Anti-Kill Quick n’ Dirty syscall process injection