Zer0rigin
Advanced Endpoint Hunting: Detecting Process Doppelgänging
MITRE ATT&CK ID: T1055.013 Process Injection: Process Doppelgänging
3 min read · Mar 4, 2024

Zer0rigin
Hunting the Network for Responder and Inveigh
Objective: Detect the presence of Responder or Inveigh on the network.
4 min read · Feb 25, 2024

Zer0rigin
Hunting for AMSI Bypass and Parent PID Spoofing
Task 1. AMSI Bypass
5 min read · Feb 19, 2024

Zer0rigin
Hunting for Process Injection and Proactive API Monitoring
T1055.001 — Process Injection: Dynamic-link Library Injection
5 min read · Feb 11, 2024

Zer0rigin
Chase PCAP Analysis on Hack The Box
It has been a while since I have had some spare time to do a PCAP (packet capture) analysis in Wireshark, so I decided to get on Hack The…
5 min read · Feb 13, 2022

Zer0rigin
Learning SQL Injection with WebGoat
Starting off I downloaded the WebGoat docker image from GitHub to my Kali Linux VM. In Kali I navigated to…
3 min read · Feb 5, 2022

Zer0rigin
Capture the Flag (CTF)
If you are a gamer like myself, you may have encountered Capture the Flag (CTF) game modes in video games like Battlefield and Call of…
4 min read · Dec 15, 2021