Offensive Rust
Introduction
Introduction (5:41)
Setting up Rust Environment
Installing Rust and Hello World Program (8:17)
Rust Formatter (1:11)
Compiling to 32-bit and 64-bit programs (4:41)
Rust Fundamentals
Variables and shadowing (11:25)
Operators and Loops (14:13)
Arrays, Vectors and Strings (38:44)
References, Ownership and Borrowing (16:38)
Reading User Input (7:56)
Command Line Arguments (4:42)
Functions (13:02)
Structures (19:07)
Pointers (15:45)
Active Directory Enumeration
Connecting to Ldap3 and retrieving user information (9:13)
OS Command Execution
Executing OS Commands (9:07)
Rusty Reverse Shell
Rust reverse shell (25:49)
Intro to Windows API
MessageBoxA and MessageBoxW (18:02)
UNICODE_STRING structure (10:46)
OBJECT_ATTRIBUTES Structure (7:36)
Shellcode Injection
Executing shellcode via function pointer/delegate (5:05)
Shellcode Runner using Windows API (11:20)
Remote Shellcode Injection (7:47)
DLL Injection
DLL Injection theory (5:11)
DLL Injection in remote process (10:03)
Named Pipes
Windows Named Pipes (23:03)
Impersonating named pipe client's token (10:43)
DLL Proxying / Forwarding
Generating a DLL (5:07)
Proxying a DLL function from malicious DLL to legit DLL (9:55)
Writing a Reflective PE Loader
Writing our own FillStructureFromArray function (12:13)
Writing our own FillStructureFromMemory function (8:08)
Writing our own ReadStringFromMemory function (6:59)
Parsing DOS Header (15:58)
Parsing NT Header (15:52)
Mapping sections (15:05)
Fixing Imports (25:56)
Fixing Base Relocations (13:54)
Testing Metasploit Payloads (4:33)
Process Hollowing
CreateProcess API (5:16)
Process Hollowing (11:59)
DLL Hollowing
DLL Hollowing (7:13)
Bypassing AMSI
Patching AMSI (7:09)
API Hashing
GetProcAddress without GetProcAddress (20:44)
API Hashing (11:14)
API Hooking
Local API Hooking (23:16)
IAT Hooking
Hooking Import Address Table (14:58)
Hiding any process from Task Manager
Enumerating Processes with NtQuerySystemInformation (27:50)
Hiding any process from Task Manager by hooking NtQuerySystemInformation (11:52)
NTFS Transactions
TxF Windows API (14:17)
Process Doppelganging
Process Doppelganging (15:29)
PPID Spoofing
Spoofing parent process pid (16:46)
Bypassing AppLocker
Bypassing Hash rules (4:02)
Storing and Executing payload from Alternate Data Streams (5:24)
Bypassing Default Rules with InstallUtil (5:17)
GitHub repo link
GitHub repo link
Fixing Base Relocations