Research & Tradecraft

Part 6: What is a Procedure?

Sep 8, 2022 • 16 min read

Automating Azure Abuse Research — Part 2

Aug 31, 2022 • 8 min read

Part 5: Expanding the Operation Graph

Aug 18, 2022 • 17 min read

Part 4: Compound Functions

Aug 16, 2022 • 12 min read

Part 3: Expanding the Function Call Graph

Aug 9, 2022 • 15 min read

Part 2: Operations

Aug 4, 2022 • 10 min read

Encrypting Strings at Compile Time

Thank you to SpecterOps for supporting this research and to Duane and Matt for proofreading and...

Jul 20, 2022 • 5 min read

Part 1: Discovering API Function Usage through Source Code Review

Jul 19, 2022 • 24 min read

Dealing with Failure: Failure Escalation Policy in CLR Hosts

Offensive tooling built upon the .NET framework and its runtime environment, the Common Language Runtime (CLR), is...

Jul 13, 2022 • 12 min read