GitHub

Stop Windows Defender using the Win32 API

Even though Defender has a lot of fancy defensive features such as tamper protection, it can still be disabled with the following chain of actions: enable SeDebugPrivilege; start the TrustedInstaller ...
GitHub

Windows API Hooking and DLL Injection with MinHook

This solution provides examples of Windows API hooking and DLL injection using MinHook, "The Minimalistic x86/x64 API Hooking Library for Windows". MinHook is a simpler injection framework than ...
Security Boulevard

Enter the WasmForge: Compiling Sliver into WebAssembly

In our last post we used a Claude skill to systematically beat down VirusTotal detection rates on offensive security tools, ...