Evasion

Offensive Security

DiskShadow on SecurityListing: A tool that exposes the functionality of the Volume Shadow Copy Service (VSS) for creation, enumeration, and manipulation of volume shadow copies, with features for persistence and evasion.

Offensive Security

Abusing the COM Registry Structure: CLSID, LocalServer32, & InprocServer32 on SecurityListing: Abusing the COM Registry Structure: CLSID, LocalServer32, & InprocServer32

Offensive Security

Leveraging INF-SCT Fetch & Execute Techniques For Bypass, Evasion, & Persistence (Part 2) on SecurityListing: A blog post discussing INF-SCT fetch and execute techniques for bypass, evasion, and persistence