Posts

Showing posts from 2020

Process Injection Tool Updates

Image
Hello All, In the post I will highlight few updates that are made to improve the code base & add long pending features to the Process Injection Tool that I wrote for learning about various Process Injection techniques and to enhance my knowledge about C# and Windows API. The tool for process injection can be found on my Github. https://github.com/3xpl01tc0d3r/ProcessInjection New Features: 1) Encryption - Added XOR & AES encryption support with custom key that needs to be passed to decrypt the shellcode at runtime. To encrypt the shellcode I have wrote another tool Obfuscator . I have wrote another short blog post for Obfuscator tool that can be found here . The tool currently only supports XOR & AES encryption. Obfuscated shellcode might help operator's to evade static detection while trying to inject the shellcode into remote process.  Required parameters to leverage Encryption: /enc  : This parameter is used to specify the encryption type(xor or aes). /key : This pa

Introduction to Obfuscator

Image
Hello All, In this post I will provide you an overview about the new tool that I wrote to encrypt the shellcode using XOR & AES encryption. This tool has been written to support the new features added to the process injection tool that I wrote for learning about various Process Injection techniques and to enhance my knowledge about C# and Windows API.  The tool for process injection can be found on my github repo https://github.com/3xpl01tc0d3r/ProcessInjection The tool Obfuscator can also be found on my github repo https://github.com/3xpl01tc0d3r/Obfuscator What is encryption ? In cryptography, encryption is the process of encoding information.This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Only authorized parties can decipher a ciphertext back to plaintext and access the original information. What is shellcode ? Shellcode is a set of instructions that executes a command in the software to take

My Journey toward eCPTX

Hello Everyone, m0nkeyshell is back again, I hope you all are doing well !! in this crisis situation. Stay Home Stay Safe Wear Mask. Before going into the details I would like to mention that I failed my 1st attempt and after a week I gave my 2nd attempt and cleared the exam. Lesson learned from my 1st attempt. So I have taken the elite version of PTX v1 course back in November 2017. Yes you read it correct back in 2017. After my initial glance through course material  I was scared as the concept of the attack and the methodology was totally new for me. Fast forward in 2019 I did 3 certification OSCP , CRTP & CRTE . Even so I was not enough confident to do PTX  but in 2020 I completed GCB labs (exam is still pending) that gave me enough confident. When I compare PTX vs Other Course it quit different like it more of real world attack especially it includes c2, evasion and external attack and also various way of executing the payloads which I seriously loved.  I

Hacking into Corporate Network - Noob-1

Image
Hi guys, It been really long time since I have posted something because I was confused by thinking what should I post and for past few weeks it been really difficult time for me as I was heavily focusing on learning Programming languages and I failed miserably. But while learning coding I came up with an idea thought like what if I focused on building project and code them vulnerable for practicing and learning to hack into network through webapps. This will not only help me to be focused but also improve my skill to improve my programming knowledge. So I will try to code various vulnerable application and increase the difficulty with each blog including network exploitation. I will not only focused on Web development, but also focus on developing scripts in powershell and as I increase the difficulty level I will try to code some .net stuff and will try to evade AV and even code our malware for initial access. So here is how this blog series will go Basically the blo