{"version":1,"pages":[{"id":"kzTlst3tKo255yz4YpDi","title":"Introduction","pathname":"/home","siteSpaceId":"sitesp_I6Cb5","icon":"message-smile"},{"id":"cEHgDv7NGBquDGHeLyQ4","title":"Headers","pathname":"/home/code-base/headers","siteSpaceId":"sitesp_I6Cb5","icon":"file-circle-exclamation","breadcrumbs":[{"label":"Code base"}]},{"id":"dXAXJxyiS6Zz2PmfmZDf","title":"PEB (Process Environment Block)","pathname":"/home/code-base/headers/peb-process-environment-block","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"Headers","icon":"file-circle-exclamation"}]},{"id":"12cAoU6NLVYuvn0jYQWV","title":"TEB (Thread Environment Block)","pathname":"/home/code-base/headers/teb-thread-environment-block","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"Headers","icon":"file-circle-exclamation"}]},{"id":"ZXxfwYY21Yz9PCv9X7ja","title":"CRT Recreation","pathname":"/home/code-base/markdown","siteSpaceId":"sitesp_I6Cb5","icon":"page","breadcrumbs":[{"label":"Code base"}]},{"id":"wiuCNoWjmcwBpSnkNCoi","title":"CaplockString","pathname":"/home/code-base/markdown/caplockstring","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"}]},{"id":"LvkeWdwOI0sHEDGlswM0","title":"CopyMemory","pathname":"/home/code-base/markdown/copymemory","siteSpaceId":"sitesp_I6Cb5","description":"Custom implementation of CopyMemory.","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"}]},{"id":"KzuYiKkJB3X9OtylQAje","title":"StringCompare","pathname":"/home/code-base/markdown/stringcompare","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"}]},{"id":"H6HOkWLVY3h9BJdPOf6Z","title":"StringConcat","pathname":"/home/code-base/markdown/stringconcat","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"}]},{"id":"33JnDiCHdoIIzxr1LAFb","title":"StringCopy","pathname":"/home/code-base/markdown/stringcopy","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"}]},{"id":"diAN7c41r0Gt5UFKfreK","title":"StringLength","pathname":"/home/code-base/markdown/stringlength","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"}]},{"id":"BLSDR08aM6Z2a8Oj37Op","title":"StringLocateChar","pathname":"/home/code-base/markdown/stringlocatechar","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"}]},{"id":"7pXoIPERR1TziO2F5xTO","title":"WCHAR to CHAR","pathname":"/home/code-base/markdown/wchar-to-char","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"}]},{"id":"1bF1EFy7uztRgFmWXrWX","title":"WCharToCharUnsafe","pathname":"/home/code-base/markdown/wchar-to-char/wchartocharunsafe","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"},{"label":"WCHAR to CHAR"}]},{"id":"iPVQLhjdgym8YHd72GNP","title":"WCharToCharSafe","pathname":"/home/code-base/markdown/wchar-to-char/wchartocharsafe","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"},{"label":"WCHAR to CHAR"}]},{"id":"StcojNBk1QzHzVIr33m0","title":"ShlwapiWcharToChar","pathname":"/home/code-base/markdown/wchar-to-char/shlwapiwchartochar","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"},{"label":"WCHAR to CHAR"}]},{"id":"X6T0IxvX0jsAzw4z13Om","title":"CHAR to WCHAR","pathname":"/home/code-base/markdown/char-to-wchar","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"}]},{"id":"aMnZKbzvKviP6sRrrlO8","title":"CharStringToWCharString","pathname":"/home/code-base/markdown/char-to-wchar/charstringtowcharstring","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"},{"label":"CHAR to WCHAR"}]},{"id":"JnhhIYIKMR1TA7lGdSFx","title":"ShlwapiCharStringToWCharString","pathname":"/home/code-base/markdown/char-to-wchar/shlwapicharstringtowcharstring","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"},{"label":"CHAR to WCHAR"}]},{"id":"eLVeiykPob85jQDvvhDr","title":"ByteArrayToCharArray","pathname":"/home/code-base/markdown/bytearraytochararray","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"}]},{"id":"zLhvzdLlIFKqFFoXmqxO","title":"CharArrayToByteArray","pathname":"/home/code-base/markdown/chararraytobytearray","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"}]},{"id":"3UUHK4x1bBcEwxCkdky9","title":"StringTerminateStringAtChar","pathname":"/home/code-base/markdown/stringterminatestringatchar","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"}]},{"id":"WLScaTqvHu3EQwUILlV6","title":"RtlInitAnsiString","pathname":"/home/code-base/markdown/rtlinitansistring","siteSpaceId":"sitesp_I6Cb5","description":"Initializes an ANSI_STRING structure without importing from NTDLL","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"}]},{"id":"h2Lj5vaSNpX05SW1Vp33","title":"RtlInitUnicodeString","pathname":"/home/code-base/markdown/rtlinitunicodestring","siteSpaceId":"sitesp_I6Cb5","description":"Initializes a UNICODE_STRING structure without importing from NTDLL","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"}]},{"id":"zC2NdpkH9o0Ja4XvBVAg","title":"Random Integer","pathname":"/home/code-base/markdown/random-integer","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"}]},{"id":"L5QfCFilSp2MfVsLleiG","title":"RtlUniform","pathname":"/home/code-base/markdown/random-integer/rtluniform","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"},{"label":"Random Integer"}]},{"id":"iR460twqyFCdtt36ptCq","title":"IOCTL Cng Random","pathname":"/home/code-base/markdown/random-integer/ioctl-cng-random","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"},{"label":"Random Integer"}]},{"id":"8geBgQXxwBB8pKloeDyO","title":"IOCTL KsecDD Random","pathname":"/home/code-base/markdown/random-integer/ioctl-ksecdd-random","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"},{"label":"Random Integer"}]},{"id":"1dN8TUBourgVrqbjY9V1","title":"WinRT CryptographicBufferStatics","pathname":"/home/code-base/markdown/random-integer/winrt-cryptographicbufferstatics","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"},{"label":"Random Integer"}]},{"id":"lk8VOOKST5K2vwaLjG1t","title":"ConvertCharStringToInt (NTDLL)","pathname":"/home/code-base/markdown/convertcharstringtoint-ntdll","siteSpaceId":"sitesp_I6Cb5","description":"This code snippet requires an import from NTDLL","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"}]},{"id":"lopHDt3EcQN57FiP8uRC","title":"ZeroMemory","pathname":"/home/code-base/markdown/zeromemory","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Code base"},{"label":"CRT Recreation","icon":"page"}]},{"id":"oxaLYt2I3eiDy0pnzsna","title":"String Hashing","pathname":"/home/string-hashing","siteSpaceId":"sitesp_I6Cb5","icon":"page"},{"id":"4TxZCMvSpFfEKDv8pF2A","title":"Djb2","pathname":"/home/string-hashing/djb2","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"String Hashing","icon":"page"}]},{"id":"pZwcv4IkvXu9D0IAJEie","title":"Djb2a","pathname":"/home/string-hashing/djb2a","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"String Hashing","icon":"page"}]},{"id":"B6taDg5abU3seGI7BzqB","title":"FowlerNollVoVariant1a 32","pathname":"/home/string-hashing/fowlernollvovariant1a-32","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"String Hashing","icon":"page"}]},{"id":"ayRjnR4ym0DbEBHw6HVO","title":"JenkinsOneAtATime32Bit","pathname":"/home/string-hashing/jenkinsoneatatime32bit","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"String Hashing","icon":"page"}]},{"id":"ULdGlIxjq2fWu8JSDEzA","title":"FowlerNollVoVariant1a 64","pathname":"/home/string-hashing/fowlernollvovariant1a-64","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"String Hashing","icon":"page"}]},{"id":"10H3a7f9YJYdOL0bqYrg","title":"LoseLose","pathname":"/home/string-hashing/loselose","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"String Hashing","icon":"page"}]},{"id":"hvv7cpJhH4VcJlMjXkzL","title":"Murmur3","pathname":"/home/string-hashing/murmur3","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"String Hashing","icon":"page"}]},{"id":"qpzb1PDNTFBAd5iRDieI","title":"Sdbm","pathname":"/home/string-hashing/sdbm","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"String Hashing","icon":"page"}]},{"id":"J3Lrp5I9A7cq4JnZGegD","title":"SipHash","pathname":"/home/string-hashing/siphash","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"String Hashing","icon":"page"}]},{"id":"zVZtE50hp1df22EAOGxK","title":"SuperFastHash","pathname":"/home/string-hashing/superfasthash","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"String Hashing","icon":"page"}]},{"id":"vvSP6Piam7VKXJJTVfvl","title":"Pjw","pathname":"/home/string-hashing/pjw","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"String Hashing","icon":"page"}]},{"id":"ysz25E5JjMumRcPxWtaS","title":"XXHash","pathname":"/home/string-hashing/xxhash","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"String Hashing","icon":"page"}]},{"id":"NoBYL3SdbdHwNluwnfME","title":"Crc32NoTable","pathname":"/home/string-hashing/crc32notable","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"String Hashing","icon":"page"}]},{"id":"foZtvfyooAxHr0B86jZW","title":"Rotr32 Add 13","pathname":"/home/string-hashing/rotr32-add-13","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"String Hashing","icon":"page"}]},{"id":"IBMYEOFEOFxkgGwSUWxe","title":"Rotr32 Add 7","pathname":"/home/string-hashing/rotr32-add-7","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"String Hashing","icon":"page"}]},{"id":"XAJ7tNmYap0Ckmj4Vznq","title":"Lookup3","pathname":"/home/string-hashing/lookup3","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"String Hashing","icon":"page"}]},{"id":"cDpubXzu3aabVClDeeGq","title":"Jhash","pathname":"/home/string-hashing/jhash","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"String Hashing","icon":"page"}]},{"id":"YzNpKZSs1Lti3mED7lDV","title":"WyHash","pathname":"/home/string-hashing/wyhash","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"String Hashing","icon":"page"}]},{"id":"m2WPq0Hg5Tu9KbgScMfk","title":"Antidebugging Methods","pathname":"/home/antidebugging-methods","siteSpaceId":"sitesp_I6Cb5","icon":"page"},{"id":"kmsdTRNxKuE6PFMUpfza","title":"CloseHandleOnInvalidAddress","pathname":"/home/antidebugging-methods/closehandleoninvalidaddress","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Antidebugging Methods","icon":"page"}]},{"id":"gvqAj2jeg6yciB8y9DMo","title":"IsDebuggerPresentEx","pathname":"/home/antidebugging-methods/isdebuggerpresentex","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Antidebugging Methods","icon":"page"}]},{"id":"aRDE1acbslRLUhpRwhTt","title":"IsIntelHardwareBreakpointPresent","pathname":"/home/antidebugging-methods/isintelhardwarebreakpointpresent","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Antidebugging Methods","icon":"page"}]},{"id":"QYN4bLKhiqf2tIg7ZG2J","title":"Library Loading","pathname":"/home/library-loading","siteSpaceId":"sitesp_I6Cb5","icon":"page"},{"id":"61BHC7KeixNmPNWXW5a3","title":"GetTeb","pathname":"/home/library-loading/getteb","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Library Loading","icon":"page"}]},{"id":"uLchM1iP5iLXV4k1xg2K","title":"GetPeb","pathname":"/home/library-loading/getpeb","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Library Loading","icon":"page"}]},{"id":"q1qpnWdkTn93IcByVY2H","title":"GetKUserSharedData","pathname":"/home/library-loading/getkusershareddata","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Library Loading","icon":"page"}]},{"id":"SZqInrhW8xB0l1ysOft4","title":"RtlLoadPeHeaders","pathname":"/home/library-loading/rtlloadpeheaders","siteSpaceId":"sitesp_I6Cb5","description":"Small helper function used by other library loading functions","breadcrumbs":[{"label":"Library Loading","icon":"page"}]},{"id":"g6UamGD1U7nHYPIB6kfe","title":"LdrLoadGetProcedureAddress","pathname":"/home/library-loading/ldrloadgetprocedureaddress","siteSpaceId":"sitesp_I6Cb5","description":"Subroutine used by library loading functions to handle API sets","breadcrumbs":[{"label":"Library Loading","icon":"page"}]},{"id":"auhWLx5hvDHAsQAcBp1N","title":"GetRtlUserProcessParameters","pathname":"/home/library-loading/getrtluserprocessparameters","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Library Loading","icon":"page"}]},{"id":"zItl7Y4LeHTbe8v9VHc0","title":"ProxyRegisterWaitLoadLibrary","pathname":"/home/library-loading/proxyregisterwaitloadlibrary","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Library Loading","icon":"page"}]},{"id":"ZRzzl7upO8tzyp7s4W0e","title":"ProxyWorkItemLoadLibrary","pathname":"/home/library-loading/proxyworkitemloadlibrary","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Library Loading","icon":"page"}]},{"id":"y6qwTGeLWKh8isvNXzUS","title":"Function Import Methods","pathname":"/home/library-loading/function-import-methods","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Library Loading","icon":"page"}]},{"id":"11zMQBy1pGOqR5n8kFzO","title":"GetProcAddress (Safe)","pathname":"/home/library-loading/function-import-methods/getprocaddress-safe","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Library Loading","icon":"page"},{"label":"Function Import Methods"}]},{"id":"wkuJOqWV022rBQ1f2ne3","title":"GetProcAddressDjb2","pathname":"/home/library-loading/function-import-methods/getprocaddressdjb2","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Library Loading","icon":"page"},{"label":"Function Import Methods"}]},{"id":"E8DeJEK4pwwausygJfcx","title":"GetProcAddressFowlerNollVoVariant1a","pathname":"/home/library-loading/function-import-methods/getprocaddressfowlernollvovariant1a","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Library Loading","icon":"page"},{"label":"Function Import Methods"}]},{"id":"xlN8VVoMoCFiU8umkcDx","title":"GetProcAddressJenkinsOneAtATime32Bit","pathname":"/home/library-loading/function-import-methods/getprocaddressjenkinsoneatatime32bit","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Library Loading","icon":"page"},{"label":"Function Import Methods"}]},{"id":"nGJpiyT9yOH2V9fOmS40","title":"GetProcAddressLoseLose","pathname":"/home/library-loading/function-import-methods/getprocaddressloselose","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Library Loading","icon":"page"},{"label":"Function Import Methods"}]},{"id":"1WsFc6fffrtdPDlUAPrO","title":"GetProcAddressMurmur","pathname":"/home/library-loading/function-import-methods/getprocaddressmurmur","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Library Loading","icon":"page"},{"label":"Function Import Methods"}]},{"id":"ftZ9W9t5BUZQVSP6nbLQ","title":"GetProcAddressRotr32","pathname":"/home/library-loading/function-import-methods/getprocaddressrotr32","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Library Loading","icon":"page"},{"label":"Function Import Methods"}]},{"id":"IoQaX2mjnxTmep8KLUto","title":"GetProcAddressSdbm","pathname":"/home/library-loading/function-import-methods/getprocaddresssdbm","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Library Loading","icon":"page"},{"label":"Function Import Methods"}]},{"id":"Kd338GWg9rXyTTpjqvel","title":"GetProcAddressSipHash","pathname":"/home/library-loading/function-import-methods/getprocaddresssiphash","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Library Loading","icon":"page"},{"label":"Function Import Methods"}]},{"id":"nb66Qza6IfGI1QY9VYg4","title":"GetProcAddressSuperFastHash","pathname":"/home/library-loading/function-import-methods/getprocaddresssuperfasthash","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Library Loading","icon":"page"},{"label":"Function Import Methods"}]},{"id":"mB0S6Q2N5fxtmRSrY06P","title":"GetProcAddressUnknownGenericHash1","pathname":"/home/library-loading/function-import-methods/getprocaddressunknowngenerichash1","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Library Loading","icon":"page"},{"label":"Function Import Methods"}]},{"id":"xMpuXmGfUj9p8WkgsXiX","title":"Error Handling","pathname":"/home/error-handling","siteSpaceId":"sitesp_I6Cb5","icon":"page"},{"id":"hbxPq3r9CxAHpRZnMJTa","title":"GetLastErrorFromTeb","pathname":"/home/error-handling/getlasterrorfromteb","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Error Handling","icon":"page"}]},{"id":"KEzsCzs8TX0tcLiGS6iq","title":"GetLastNtStatusFromTeb","pathname":"/home/error-handling/getlastntstatusfromteb","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Error Handling","icon":"page"}]},{"id":"C6DbwpP1N0d7As5Eerce","title":"RtlNtStatusToDosErrorViaImport","pathname":"/home/error-handling/rtlntstatustodoserrorviaimport","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Error Handling","icon":"page"}]},{"id":"6yrwd5DPkEkF1oB4CNXk","title":"Win32FromHResult","pathname":"/home/error-handling/win32fromhresult","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Error Handling","icon":"page"}]},{"id":"L22NE47Si9NHzOYlTQqR","title":"Fingerprinting","pathname":"/home/fingerprinting","siteSpaceId":"sitesp_I6Cb5","icon":"page"},{"id":"IpGiv3G7jK7qvs5uvZCn","title":"GetNumberOfLinkedDlls","pathname":"/home/fingerprinting/getnumberoflinkeddlls","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Fingerprinting","icon":"page"}]},{"id":"Ul4OcNlUE6Ydo1SsmENm","title":"PEB / TEB related","pathname":"/home/fingerprinting/peb-teb-related","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Fingerprinting","icon":"page"}]},{"id":"tajXfFKfig849LYZomHN","title":"GetCurrentLocaleFromTeb","pathname":"/home/fingerprinting/peb-teb-related/getcurrentlocalefromteb","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Fingerprinting","icon":"page"},{"label":"PEB / TEB related"}]},{"id":"mcv3Vzesx87sVD8neIep","title":"GetOsBuildNumberFromPeb","pathname":"/home/fingerprinting/peb-teb-related/getosbuildnumberfrompeb","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Fingerprinting","icon":"page"},{"label":"PEB / TEB related"}]},{"id":"TSbxAid1gMauAjmV48rr","title":"GetOsMajorVersionFromPeb","pathname":"/home/fingerprinting/peb-teb-related/getosmajorversionfrompeb","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Fingerprinting","icon":"page"},{"label":"PEB / TEB related"}]},{"id":"rw7SWkSJW4x547bqyn1K","title":"GetOsMinorVersionFromPeb","pathname":"/home/fingerprinting/peb-teb-related/getosminorversionfrompeb","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Fingerprinting","icon":"page"},{"label":"PEB / TEB related"}]},{"id":"rlWJN4DeTSUgsrVe385K","title":"GetOsPlatformIdFromPeb","pathname":"/home/fingerprinting/peb-teb-related/getosplatformidfrompeb","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Fingerprinting","icon":"page"},{"label":"PEB / TEB related"}]},{"id":"eJMj14J1hHatW6se8ccT","title":"GetPidFromEnumProcesses","pathname":"/home/fingerprinting/getpidfromenumprocesses","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Fingerprinting","icon":"page"}]},{"id":"z3MiPfoFMnbvibkEZFWB","title":"IsNvidiaGraphicsCardPresent","pathname":"/home/fingerprinting/isnvidiagraphicscardpresent","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Fingerprinting","icon":"page"}]},{"id":"gXla1tF6h2jtQfr6YMdY","title":"IsProcessRunning (simple)","pathname":"/home/fingerprinting/isprocessrunning-simple","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Fingerprinting","icon":"page"}]},{"id":"Cepapk76npkvy3EDLtZ3","title":"Wrappers and Helpers","pathname":"/home/wrappers-and-helpers","siteSpaceId":"sitesp_I6Cb5","icon":"page"},{"id":"E93xF08Lh4Pmt9sXUA5U","title":"GetProcessHeapFromTeb","pathname":"/home/wrappers-and-helpers/getprocessheapfromteb","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Wrappers and Helpers","icon":"page"}]},{"id":"ZUrsPGpC2x9HS15cYzYO","title":"GetCurrentThread","pathname":"/home/wrappers-and-helpers/getcurrentthread","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Wrappers and Helpers","icon":"page"}]},{"id":"66VJEoYhZkUgpsKNrL5U","title":"IsPathValid","pathname":"/home/wrappers-and-helpers/ispathvalid","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Wrappers and Helpers","icon":"page"}]},{"id":"TT1LpRl9edQTWDLCWUTs","title":"IsDllLoaded","pathname":"/home/wrappers-and-helpers/isdllloaded","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Wrappers and Helpers","icon":"page"}]},{"id":"XY0mhJYxl30HGCtyuWLQ","title":"GetFileSizeFromPath","pathname":"/home/wrappers-and-helpers/getfilesizefrompath","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Wrappers and Helpers","icon":"page"}]},{"id":"BAoBKepjVsBsvcvdArjm","title":"IsRegistryKeyValid","pathname":"/home/wrappers-and-helpers/isregistrykeyvalid","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Wrappers and Helpers","icon":"page"}]},{"id":"y8zxFUMwrHyyZPmSMwoF","title":"GetCurrentProcess","pathname":"/home/wrappers-and-helpers/getcurrentprocess","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Wrappers and Helpers","icon":"page"}]},{"id":"bvYdJo8Of82clUCd1B64","title":"GetCurrentProcessIdFromTeb","pathname":"/home/wrappers-and-helpers/getcurrentprocessidfromteb","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Wrappers and Helpers","icon":"page"}]},{"id":"DubvdkdAiP3tNKgVQUtF","title":"GetCurrentProcessIdFromOffset","pathname":"/home/wrappers-and-helpers/getcurrentprocessidfromoffset","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Wrappers and Helpers","icon":"page"}]},{"id":"84x7n8OhdGxQqiFWhP0n","title":"ExecuteBinaryShellExecuteEx","pathname":"/home/wrappers-and-helpers/executebinaryshellexecuteex","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Wrappers and Helpers","icon":"page"}]},{"id":"F9XT3NTEraYJ4GZxCQUO","title":"GetProcessPathFromLoaderLoad","pathname":"/home/wrappers-and-helpers/getprocesspathfromloaderload","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Wrappers and Helpers","icon":"page"}]},{"id":"rePVnMsn9mpHNU6zh7kO","title":"GetProcessPathFromUserProcessParameters","pathname":"/home/wrappers-and-helpers/getprocesspathfromuserprocessparameters","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Wrappers and Helpers","icon":"page"}]},{"id":"01eQhGYpc33y9EclAzkE","title":"GetProcessBinaryNameFromHwnd","pathname":"/home/wrappers-and-helpers/getprocessbinarynamefromhwnd","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Wrappers and Helpers","icon":"page"}]},{"id":"daGP5bUPayHK9gFu8JC4","title":"GetCurrentDirectoryFromUserProcessParameters","pathname":"/home/wrappers-and-helpers/getcurrentdirectoryfromuserprocessparameters","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Wrappers and Helpers","icon":"page"}]},{"id":"fdFLxBLGGXZaZtUE5WTL","title":"GetSystemWindowsDirectory","pathname":"/home/wrappers-and-helpers/getsystemwindowsdirectory","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Wrappers and Helpers","icon":"page"}]},{"id":"y0ovCfZutG0gaRX9hXoq","title":"ImplGetModuleHandle","pathname":"/home/wrappers-and-helpers/implgetmodulehandle","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Wrappers and Helpers","icon":"page"}]},{"id":"tNS5VyNE2WFEH1WIfMyd","title":"Masquerade Peb as Explorer","pathname":"/home/wrappers-and-helpers/masquerade-peb-as-explorer","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Wrappers and Helpers","icon":"page"}]},{"id":"DsXyI5dFvNa2fpDbVzqP","title":"Process Creation Techniques","pathname":"/home/process-creation-techniques","siteSpaceId":"sitesp_I6Cb5","icon":"page"},{"id":"ZKRXkCpon43kGanRyw0r","title":"WindowsRHotKey","pathname":"/home/process-creation-techniques/windowsrhotkey","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Process Creation Techniques","icon":"page"}]},{"id":"DZ79D7AFqyGhaUstRaq0","title":"WindowsRHotKeyEx","pathname":"/home/process-creation-techniques/windowsrhotkeyex","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Process Creation Techniques","icon":"page"}]},{"id":"WE6BjC0wpLVqsegKH1MI","title":"IeFrameOpenUrl","pathname":"/home/process-creation-techniques/ieframeopenurl","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Process Creation Techniques","icon":"page"}]},{"id":"rnoiZcouYlH0ZjfE9fSU","title":"INFSectionInstallString","pathname":"/home/process-creation-techniques/infsectioninstallstring","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Process Creation Techniques","icon":"page"}]},{"id":"CszDn2iSbpOWn9ESyAvP","title":"INFSectionInstallString2","pathname":"/home/process-creation-techniques/infsectioninstallstring2","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Process Creation Techniques","icon":"page"}]},{"id":"xWS0hlydkZsWmvROjIvg","title":"INFSetupCommand","pathname":"/home/process-creation-techniques/infsetupcommand","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Process Creation Techniques","icon":"page"}]},{"id":"gqtMWs6WMDfTACMp8VAi","title":"CreateProcessFromMsHTML","pathname":"/home/process-creation-techniques/createprocessfrommshtml","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Process Creation Techniques","icon":"page"}]},{"id":"7DGrja5yZ7OSoDTTh8RN","title":"CreateProcessFromPcwUtilW","pathname":"/home/process-creation-techniques/createprocessfrompcwutilw","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Process Creation Techniques","icon":"page"}]},{"id":"rWNVJdFkP8wLORzPmpkE","title":"ShdocVwOpenUrl","pathname":"/home/process-creation-techniques/shdocvwopenurl","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Process Creation Techniques","icon":"page"}]},{"id":"0N1AJk1gocZiqzMM2KWM","title":"ShellExecRunDLL","pathname":"/home/process-creation-techniques/shellexecrundll","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Process Creation Techniques","icon":"page"}]},{"id":"jwU4BfoaBDN6Z9nVIctp","title":"UrlFileProtocolHandler","pathname":"/home/process-creation-techniques/urlfileprotocolhandler","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Process Creation Techniques","icon":"page"}]},{"id":"CIAu9EPZuhNg2NatVyGV","title":"CoShellExecute","pathname":"/home/process-creation-techniques/coshellexecute","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Process Creation Techniques","icon":"page"}]},{"id":"drAaUm9nw5uOvvab9JJZ","title":"UrlOpenUrl","pathname":"/home/process-creation-techniques/urlopenurl","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Process Creation Techniques","icon":"page"}]},{"id":"pa40ecvdo2ZEoUAoGEfe","title":"ZipfldrRouteCall","pathname":"/home/process-creation-techniques/zipfldrroutecall","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Process Creation Techniques","icon":"page"}]},{"id":"vuFxs6t7RufDajdqiCNS","title":"NtCreateUserProcess","pathname":"/home/process-creation-techniques/ntcreateuserprocess","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Process Creation Techniques","icon":"page"}]},{"id":"zxaTP4N64FBvakVsiQbb","title":"CreateProcessWithCfGuard","pathname":"/home/process-creation-techniques/createprocesswithcfguard","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Process Creation Techniques","icon":"page"}]},{"id":"VQMNIlA4AXZ4uscqHGGw","title":"CoShellWindowExecute","pathname":"/home/process-creation-techniques/coshellwindowexecute","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Process Creation Techniques","icon":"page"}]},{"id":"fGvrNfei0d83gdm2UsMP","title":"RunAsNewUserDllW","pathname":"/home/process-creation-techniques/runasnewuserdllw","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Process Creation Techniques","icon":"page"}]},{"id":"OPJC6tfx7b5SBOjBEPSu","title":"IHxHelpPaneServer","pathname":"/home/process-creation-techniques/ihxhelppaneserver","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Process Creation Techniques","icon":"page"}]},{"id":"BqYfF1T5Wru1SIe8VnAe","title":"WmiWin32_CreateProcess","pathname":"/home/process-creation-techniques/wmiwin32_createprocess","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Process Creation Techniques","icon":"page"}]},{"id":"i1ZVqrG0FUzWQVy7Pm48","title":"IHxInteractiveUser","pathname":"/home/process-creation-techniques/ihxinteractiveuser","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Process Creation Techniques","icon":"page"}]},{"id":"MFJRy1H8dGqNax2wppeX","title":"Touch Injection Click on Desktop Binary","pathname":"/home/process-creation-techniques/touch-injection-click-on-desktop-binary","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Process Creation Techniques","icon":"page"}]},{"id":"0RJNLDT8axn8UvxA4dVu","title":"Shellcode Execution","pathname":"/home/shellcode-execution","siteSpaceId":"sitesp_I6Cb5","icon":"page"},{"id":"AahuR2aebxAvTVlGagyi","title":"CreateThreadAndWaitForCompletion","pathname":"/home/shellcode-execution/createthreadandwaitforcompletion","siteSpaceId":"sitesp_I6Cb5","icon":"file-circle-exclamation","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"SGSsOfiQhB2qG0VyJiBs","title":"CDefFolderMenu_Create2","pathname":"/home/shellcode-execution/cdeffoldermenu_create2","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"DuMYzUpLhp9OB6hVmaiL","title":"CertEnumSystemStore","pathname":"/home/shellcode-execution/certenumsystemstore","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"e6mJQpUuFXJSQ8ajjQhB","title":"CertEnumSystemStoreLocation","pathname":"/home/shellcode-execution/certenumsystemstorelocation","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"WfDXJYs0rYwzyuBGeaXQ","title":"ChooseColorW","pathname":"/home/shellcode-execution/choosecolorw","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"OFiX2VakeetzKuGTQ9Z1","title":"ClusWorkerCreate","pathname":"/home/shellcode-execution/clusworkercreate","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"VWSUTP2ugeUD5yQRoqeD","title":"CreateTimerQueueTimer","pathname":"/home/shellcode-execution/createtimerqueuetimer","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"W6Oqo9dRKTPKGLzZek9U","title":"CryptEnumOIDInfo","pathname":"/home/shellcode-execution/cryptenumoidinfo","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"Q1p6k8D9jYxOlC9mpESE","title":"DSA_EnumCallback","pathname":"/home/shellcode-execution/dsa_enumcallback","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"ZrCqi03xVIoi1ZHVoyJM","title":"EnumChildWindows","pathname":"/home/shellcode-execution/enumchildwindows","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"9AxWLRKsRR6Dbjc4NdN0","title":"EnumDateFormatsW","pathname":"/home/shellcode-execution/enumdateformatsw","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"ufvDSE40hWxYmE4uQAZe","title":"EnumDesktopsW","pathname":"/home/shellcode-execution/enumdesktopsw","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"pc5iJwXkfBeRC1gSLAwt","title":"EnumDesktopWindows","pathname":"/home/shellcode-execution/enumdesktopwindows","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"MAH94PQqcB1Es0AdnLHE","title":"EnumDirTreeW","pathname":"/home/shellcode-execution/enumdirtreew","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"uQIeHjFkeia3YXh0Ol8B","title":"EnumDisplayMonitors","pathname":"/home/shellcode-execution/enumdisplaymonitors","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"XlpDMUXU0TvtFBNyP510","title":"EnumerateLoadedModules64","pathname":"/home/shellcode-execution/enumerateloadedmodules64","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"UOakn9lc5xVMp9uCPvsh","title":"EnumFontFamiliesExW","pathname":"/home/shellcode-execution/enumfontfamiliesexw","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"DdjvzFZ9gnw0qlwDLGFd","title":"EnumFontsW","pathname":"/home/shellcode-execution/enumfontsw","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"jkon5gRBEYDMX96v5AyM","title":"EnumLanguageGroupLocalesW","pathname":"/home/shellcode-execution/enumlanguagegrouplocalesw","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"FAElBtKBMr4ZyWHJoxU8","title":"EnumObjects","pathname":"/home/shellcode-execution/enumobjects","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"NHN5BvCQvBUs7JyBuALZ","title":"EnumPwrSchemes","pathname":"/home/shellcode-execution/enumpwrschemes","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"VhbMJCoSVyE1pwVAuHgs","title":"EnumResourceTypesExW","pathname":"/home/shellcode-execution/enumresourcetypesexw","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"1gMBumgL2UZnv3U78tUH","title":"EnumSystemCodePagesW","pathname":"/home/shellcode-execution/enumsystemcodepagesw","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"FPmzSdm0Y8Kyzx35mN0b","title":"EnumSystemGeoID","pathname":"/home/shellcode-execution/enumsystemgeoid","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"JpZaBLIfN3fSPjx69Igh","title":"EnumSystemLanguageGroupsW","pathname":"/home/shellcode-execution/enumsystemlanguagegroupsw","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"RkMRA4cfjYJeG5cWyxBs","title":"EnumSystemLocalesEx","pathname":"/home/shellcode-execution/enumsystemlocalesex","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"014Ixw8obiJsSsRXFYfy","title":"EnumThreadWindows","pathname":"/home/shellcode-execution/enumthreadwindows","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"tQrvJzOyQVb8p7nDrFL4","title":"EnumTimeFormatsEx","pathname":"/home/shellcode-execution/enumtimeformatsex","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"boxRlZhtaRf6RSclYwZd","title":"EnumUILanguagesW","pathname":"/home/shellcode-execution/enumuilanguagesw","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"kVUY32MnFquRNVAqBRHG","title":"EnumWindows","pathname":"/home/shellcode-execution/enumwindows","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"S8DMtiuUAR382Q0wt9Gn","title":"EnumWindowStationsW","pathname":"/home/shellcode-execution/enumwindowstationsw","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"4pBHviZvRn7SXT7KCRrw","title":"EvtSubscribe","pathname":"/home/shellcode-execution/evtsubscribe","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"eG98XiawuiB8SzRdSqy8","title":"FlsAlloc","pathname":"/home/shellcode-execution/flsalloc","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"y5lUlznoC8h2ZKH6IGME","title":"ImageGetDigestStream","pathname":"/home/shellcode-execution/imagegetdigeststream","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"HF5jdp7KXbzaXJ8ZZUzx","title":"ImmEnumInputContext","pathname":"/home/shellcode-execution/immenuminputcontext","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"9u9k1oXWLxRkp1boeWxi","title":"InitOnceExecuteOnce","pathname":"/home/shellcode-execution/initonceexecuteonce","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"oJQuWksbFbIxEdqGaWFB","title":"K32EnumPageFilesW","pathname":"/home/shellcode-execution/k32enumpagefilesw","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"bEd9S2sAY0WsI5vMcAUg","title":"MessageBoxIndirectW","pathname":"/home/shellcode-execution/messageboxindirectw","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"gDQUHauuEXcSEMgfykBY","title":"SymEnumProcesses","pathname":"/home/shellcode-execution/symenumprocesses","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"vvlH82kXQX3ehkMRiP0y","title":"SymEnumSourceFilesW","pathname":"/home/shellcode-execution/symenumsourcefilesw","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"oHFhMgJity80IkOkLqoK","title":"VerifierEnumerateResource","pathname":"/home/shellcode-execution/verifierenumerateresource","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Shellcode Execution","icon":"page"}]},{"id":"Ko4Phaa9wouBGvDJetTX","title":"Compression","pathname":"/home/compression","siteSpaceId":"sitesp_I6Cb5","icon":"page"},{"id":"PoYgobD7LcvLOnyYqJmv","title":"Lempel-Ziv","pathname":"/home/compression/lempel-ziv","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Compression","icon":"page"}]},{"id":"yKJHes547dDvtH99KqjY","title":"LzStandardDecompressBuffer","pathname":"/home/compression/lempel-ziv/lzstandarddecompressbuffer","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Compression","icon":"page"},{"label":"Lempel-Ziv"}]},{"id":"bur5RqBpRE6vStaJSl5H","title":"LzStandardCompressBuffer","pathname":"/home/compression/lempel-ziv/lzstandardcompressbuffer","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Compression","icon":"page"},{"label":"Lempel-Ziv"}]},{"id":"DpSCtsYfOCfegTqvUAYJ","title":"LzMaximumDecompressBuffer","pathname":"/home/compression/lempel-ziv/lzmaximumdecompressbuffer","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Compression","icon":"page"},{"label":"Lempel-Ziv"}]},{"id":"zTsUyNHgrrQD6EuXJfmZ","title":"LzMaximumCompressBuffer","pathname":"/home/compression/lempel-ziv/lzmaximumcompressbuffer","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Compression","icon":"page"},{"label":"Lempel-Ziv"}]},{"id":"pfXcIwBoefgMY7h66yyl","title":"Xpress","pathname":"/home/compression/xpress","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Compression","icon":"page"}]},{"id":"CtxgQYhpGHjPP9uWonAX","title":"XpressMaximumCompressBuffer","pathname":"/home/compression/xpress/xpressmaximumcompressbuffer","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Compression","icon":"page"},{"label":"Xpress"}]},{"id":"kfIZbwgDfJrAHktpDbqg","title":"XpressMaximumDecompressBuffer","pathname":"/home/compression/xpress/xpressmaximumdecompressbuffer","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Compression","icon":"page"},{"label":"Xpress"}]},{"id":"8J6mYwyN2G3uRIaFiX9d","title":"XpressStandardCompressBuffer","pathname":"/home/compression/xpress/xpressstandardcompressbuffer","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Compression","icon":"page"},{"label":"Xpress"}]},{"id":"JlDhc5Y4FfXl5FosAQzi","title":"XpressStandardDecompressBuffer","pathname":"/home/compression/xpress/xpressstandarddecompressbuffer","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Compression","icon":"page"},{"label":"Xpress"}]},{"id":"ngO7L6rqWX7MwDhvUVJn","title":"Xpress Huff","pathname":"/home/compression/xpress-huff","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Compression","icon":"page"}]},{"id":"gpdHTBmH8DAHcF5GY7UM","title":"XpressHuffMaximumCompressBuffer","pathname":"/home/compression/xpress-huff/xpresshuffmaximumcompressbuffer","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Compression","icon":"page"},{"label":"Xpress Huff"}]},{"id":"closRfE69g0f2O1zkTQp","title":"XpressHuffMaximumDecompressBuffer","pathname":"/home/compression/xpress-huff/xpresshuffmaximumdecompressbuffer","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Compression","icon":"page"},{"label":"Xpress Huff"}]},{"id":"WwWrojHSiAO1WQSdSw1c","title":"XpressHuffStandardCompressBuffer","pathname":"/home/compression/xpress-huff/xpresshuffstandardcompressbuffer","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Compression","icon":"page"},{"label":"Xpress Huff"}]},{"id":"jMt0tRp3fvjiW1COaAlw","title":"XpressHuffStandardDecompressBuffer","pathname":"/home/compression/xpress-huff/xpresshuffstandarddecompressbuffer","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Compression","icon":"page"},{"label":"Xpress Huff"}]},{"id":"N65H6wTtIEaHVzyPxIni","title":"Networking","pathname":"/home/networking","siteSpaceId":"sitesp_I6Cb5","icon":"page"},{"id":"GC0hql8OcOaHyWUF1hSM","title":"IPv4IpAddressStructureToString","pathname":"/home/networking/ipv4ipaddressstructuretostring","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Networking","icon":"page"}]},{"id":"1Pj0n8qoygeeCrr17AA3","title":"IPv4IpAddressUnsignedLongToString","pathname":"/home/networking/ipv4ipaddressunsignedlongtostring","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Networking","icon":"page"}]},{"id":"3ePVux4foNmzzd6WER0v","title":"IPv4StringToUnsignedLong","pathname":"/home/networking/ipv4stringtounsignedlong","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Networking","icon":"page"}]},{"id":"GrBccblmoJ42sndlkuWl","title":"DnsGetDomainNameIPv4AddressAsString","pathname":"/home/networking/dnsgetdomainnameipv4addressasstring","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Networking","icon":"page"}]},{"id":"OJU0Fvl931h0zhlxg6GA","title":"DnsGetDomainNameIPv4AddressUnsignedLong","pathname":"/home/networking/dnsgetdomainnameipv4addressunsignedlong","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Networking","icon":"page"}]},{"id":"annAjYkWGblfoueL6s2D","title":"GetDomainNameFromIPV4AddressAsString","pathname":"/home/networking/getdomainnamefromipv4addressasstring","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Networking","icon":"page"}]},{"id":"mIr1lLUwMy0mAEkDf8c2","title":"GetDomainNameFromUnsignedLongIPV4Address","pathname":"/home/networking/getdomainnamefromunsignedlongipv4address","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Networking","icon":"page"}]},{"id":"eB3ZZJmbZ21V2DCG2IiX","title":"SendIcmpEchoMessageToIPv4Host","pathname":"/home/networking/sendicmpechomessagetoipv4host","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Networking","icon":"page"}]},{"id":"UGwmLPKIEnLUk2vdjN9n","title":"UrlDownloadToFileSynchronous","pathname":"/home/networking/urldownloadtofilesynchronous","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Networking","icon":"page"}]},{"id":"S36l2MvLuCmBM1fqdQig","title":"Lsass Related","pathname":"/home/lsass-related","siteSpaceId":"sitesp_I6Cb5","icon":"page"},{"id":"81hZ8UCPYfpQJSXO4yiI","title":"GetLsaPidFromNamedPipe","pathname":"/home/lsass-related/getlsapidfromnamedpipe","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Lsass Related","icon":"page"}]},{"id":"mvw6PmzmrRPXVnkEytFI","title":"GetLsaPidFromRegistry","pathname":"/home/lsass-related/getlsapidfromregistry","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Lsass Related","icon":"page"}]},{"id":"75jEFFZYSPkIzqbwqC5t","title":"GetLsaPidFromServiceManager","pathname":"/home/lsass-related/getlsapidfromservicemanager","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Lsass Related","icon":"page"}]},{"id":"QQfWqWYFGr3rlfOP3ULH","title":"Proxied Functions","pathname":"/home/proxied-functions","siteSpaceId":"sitesp_I6Cb5","icon":"page"},{"id":"FJDJD14xPdnU48sLxyB3","title":"CopyFileViaSetupCopyFile","pathname":"/home/proxied-functions/copyfileviasetupcopyfile","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Proxied Functions","icon":"page"}]},{"id":"WR4S2WVW9kQNeMt1XyDu","title":"CreateFileFromDsCopyFromSharedFile","pathname":"/home/proxied-functions/createfilefromdscopyfromsharedfile","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Proxied Functions","icon":"page"}]},{"id":"ayARmUwNppuF3eQaHqdZ","title":"DeleteDirectoryAndSubData","pathname":"/home/proxied-functions/deletedirectoryandsubdata","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Proxied Functions","icon":"page"}]},{"id":"ExirUU53t3VdwEQEAwdJ","title":"IeCreateDirectory","pathname":"/home/proxied-functions/iecreatedirectory","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Proxied Functions","icon":"page"}]},{"id":"18KKLwAFo8rIGugeDF4V","title":"IeCreateFile","pathname":"/home/proxied-functions/iecreatefile","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Proxied Functions","icon":"page"}]},{"id":"WaJm0gYscG0Yp1AN0YCs","title":"IsProcessRunningAsAdmin2","pathname":"/home/proxied-functions/isprocessrunningasadmin2","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Proxied Functions","icon":"page"}]},{"id":"S6zcNYDkUyUQgfaKaBTK","title":"IEGetFileAttributesEx","pathname":"/home/proxied-functions/iegetfileattributesex","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Proxied Functions","icon":"page"}]},{"id":"iJHsPRTqHdo03tc5XMSG","title":"IEMoveFileEx","pathname":"/home/proxied-functions/iemovefileex","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Proxied Functions","icon":"page"}]},{"id":"fYpj0PkhMhUCrxO87LFx","title":"IERemoveDirectory","pathname":"/home/proxied-functions/ieremovedirectory","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Proxied Functions","icon":"page"}]},{"id":"Oki0qkn1DGG6dpwdK7lb","title":"Evasion","pathname":"/home/evasion","siteSpaceId":"sitesp_I6Cb5","icon":"page"},{"id":"4H9ZsuKRlEeQAgK1hsoR","title":"AmsiBypass by Patching (OLD)","pathname":"/home/evasion/amsibypass-by-patching-old","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Evasion","icon":"page"}]},{"id":"tkmP9EXTkG58waDQGzed","title":"Delay execution until monitor off","pathname":"/home/evasion/delay-execution-until-monitor-off","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Evasion","icon":"page"}]},{"id":"K2ILKo4Mf0mtSJvrfXsr","title":"Unlink DLL from process","pathname":"/home/evasion/unlink-dll-from-process","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Evasion","icon":"page"}]},{"id":"Bf46nhX82h5M6ASyguFU","title":"Sleep Obfuscation (unstable)","pathname":"/home/evasion/sleep-obfuscation-unstable","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Evasion","icon":"page"}]},{"id":"u7SmeRStFfU2rccCZeCV","title":"Component Object Model","pathname":"/home/component-object-model","siteSpaceId":"sitesp_I6Cb5","icon":"page"},{"id":"R1CnBV0b4XeYuGfGK3CP","title":"IsComInitialized","pathname":"/home/component-object-model/iscominitialized","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Component Object Model","icon":"page"}]},{"id":"H9puK5oPIqGhu00W2bKx","title":"CoGetEnvironmentVariableW","pathname":"/home/component-object-model/cogetenvironmentvariablew","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Component Object Model","icon":"page"}]},{"id":"HeN41FM4FtOG1RkFUCjA","title":"CoCreateIsoForMounting","pathname":"/home/component-object-model/cocreateisoformounting","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Component Object Model","icon":"page"}]},{"id":"znu97Ey6GWOK0M5Ii91i","title":"CoXMLHTTPDownloadByteFileW","pathname":"/home/component-object-model/coxmlhttpdownloadbytefilew","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Component Object Model","icon":"page"}]},{"id":"9cVFAfAqE6HWd6asMCOY","title":"CoEnumUPnPDevices","pathname":"/home/component-object-model/coenumupnpdevices","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"Component Object Model","icon":"page"}]},{"id":"5sugVOiT0uviHNgenHNp","title":"Proof-of-Concepts","pathname":"/home/my-projects/proof-of-concepts","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"}]},{"id":"ZcRrXfkdhtQ6oxv1rkg5","title":"\"Jeff\", COM-only keylogger","pathname":"/home/my-projects/proof-of-concepts/jeff-com-only-keylogger","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Proof-of-Concepts"}]},{"id":"4oM5WamQ6USdjTskWqmF","title":"\"Russian Doll\", Recursive file loader","pathname":"/home/my-projects/proof-of-concepts/russian-doll-recursive-file-loader","siteSpaceId":"sitesp_I6Cb5","description":"","breadcrumbs":[{"label":"My Projects"},{"label":"Proof-of-Concepts"}]},{"id":"9L0EmAoNdBWqODh8pZAy","title":"\"Branchy\", Branchless keylogger","pathname":"/home/my-projects/proof-of-concepts/branchy-branchless-keylogger","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Proof-of-Concepts"}]},{"id":"WpCg91f7uJvwbeVD4nmZ","title":"\"Fever Dream\" - Code executing when the Windows machine is locked","pathname":"/home/my-projects/proof-of-concepts/fever-dream-code-executing-when-the-windows-machine-is-locked","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Proof-of-Concepts"}]},{"id":"D1SEMW0qmSZKhItA8vO7","title":"Creating \"Ransomware\" Using WinRT","pathname":"/home/my-projects/proof-of-concepts/creating-ransomware-using-winrt","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Proof-of-Concepts"}]},{"id":"ZCJKR1ZaoL38wD1zqcYv","title":"Getting Clipboard History in C++","pathname":"/home/my-projects/proof-of-concepts/getting-clipboard-history-in-c++","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Proof-of-Concepts"}]},{"id":"pyZNO7K1GuotIIMB5puJ","title":"Hiding data in GPU VRAM using Direct3D 11","pathname":"/home/my-projects/proof-of-concepts/hiding-data-in-gpu-vram-using-direct3d-11","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Proof-of-Concepts"}]},{"id":"thKAhcsAwqQeeLDOEnxn","title":"OCRMe, dumping OneDrive Business OCR Data","pathname":"/home/my-projects/proof-of-concepts/ocrme-dumping-onedrive-business-ocr-data","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Proof-of-Concepts"}]},{"id":"5TyLzDPCzMsioRqqARls","title":"Meow Meow Kitty Cat Meow Meow","pathname":"/home/my-projects/proof-of-concepts/meow-meow-kitty-cat-meow-meow","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Proof-of-Concepts"}]},{"id":"JiLXefU3rPAroxzypso4","title":"MMKCMM Insert","pathname":"/home/my-projects/proof-of-concepts/meow-meow-kitty-cat-meow-meow/mmkcmm-insert","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Proof-of-Concepts"},{"label":"Meow Meow Kitty Cat Meow Meow"}]},{"id":"WgEEUtXm7Yfl1uEidGLX","title":"MMKCMM Pspsps","pathname":"/home/my-projects/proof-of-concepts/meow-meow-kitty-cat-meow-meow/mmkcmm-pspsps","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Proof-of-Concepts"},{"label":"Meow Meow Kitty Cat Meow Meow"}]},{"id":"7E7x9SZtcoa6TSPpcbSU","title":"MMKCMM Loader","pathname":"/home/my-projects/proof-of-concepts/meow-meow-kitty-cat-meow-meow/mmkcmm-loader","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Proof-of-Concepts"},{"label":"Meow Meow Kitty Cat Meow Meow"}]},{"id":"nBhGVMgh9qGErPWgkMi9","title":"Syscall Trampoline","pathname":"/home/my-projects/proof-of-concepts/meow-meow-kitty-cat-meow-meow/mmkcmm-loader/syscall-trampoline","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Proof-of-Concepts"},{"label":"Meow Meow Kitty Cat Meow Meow"},{"label":"MMKCMM Loader"}]},{"id":"H0er0RRQwSPvk1AnX0wK","title":"MMKCMM Loader","pathname":"/home/my-projects/proof-of-concepts/meow-meow-kitty-cat-meow-meow/mmkcmm-loader/mmkcmm-loader","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Proof-of-Concepts"},{"label":"Meow Meow Kitty Cat Meow Meow"},{"label":"MMKCMM Loader"}]},{"id":"VuaU5kMhjMhwKLOV1fT8","title":"No Need COM WMI","pathname":"/home/my-projects/proof-of-concepts/no-need-com-wmi","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Proof-of-Concepts"}]},{"id":"2taQjhCoEtTodkN100I0","title":"Disabling Bitlocker Encryption using undocumented COM objects","pathname":"/home/my-projects/proof-of-concepts/disabling-bitlocker-encryption-using-undocumented-com-objects","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Proof-of-Concepts"}]},{"id":"LuETG0mHGBf27dPJcIOZ","title":"Stupid callbacks for malware evasion","pathname":"/home/my-projects/proof-of-concepts/stupid-callbacks-for-malware-evasion","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Proof-of-Concepts"}]},{"id":"pmSbBJFxBCF5MnhZAIdi","title":"Microsoft Copilot, Copilot my payload","pathname":"/home/my-projects/proof-of-concepts/microsoft-copilot-copilot-my-payload","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Proof-of-Concepts"}]},{"id":"lg9ddlPBlZMh3wGUu7JG","title":"HTTPS TLS with AFD.sys, WinSocks not necessary","pathname":"/home/my-projects/proof-of-concepts/https-tls-with-afd.sys-winsocks-not-necessary","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Proof-of-Concepts"}]},{"id":"IWxqC1hb9kDSocQ4D6i5","title":"Write-ups","pathname":"/home/my-projects/write-ups","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"}]},{"id":"h9Pn9BFEAZ6Ub4JmBRx5","title":"A Quick Guide to Defining Malware with $0, Python3, and Windows","pathname":"/home/my-projects/write-ups/a-quick-guide-to-defining-malware-with-usd0-python3-and-windows","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Write-ups"}]},{"id":"AuDltze3G7sUoEQ4HkZU","title":"Why do video games use kernel-mode anti-cheats?","pathname":"/home/my-projects/write-ups/why-do-video-games-use-kernel-mode-anti-cheats","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Write-ups"}]},{"id":"eWZbvDGHd6aiJgOMD7xs","title":"Fake Lockbit 5.0 silliness and 3 layers of ransomware lasagna","pathname":"/home/my-projects/write-ups/fake-lockbit-5.0-silliness-and-3-layers-of-ransomware-lasagna","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Write-ups"}]},{"id":"oVPrrPCOmEXbnNnAP9K9","title":"Wtf are these Threat Actors doing? XUbuntu malware is dumb and stinky","pathname":"/home/my-projects/write-ups/wtf-are-these-threat-actors-doing-xubuntu-malware-is-dumb-and-stinky","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Write-ups"}]},{"id":"rCCVkK4IebUBJ1yYSrDs","title":"The rise of malware mainstream \"acceptance\" and \"popularity\" is thanks to the government","pathname":"/home/my-projects/write-ups/the-rise-of-malware-mainstream-acceptance-and-popularity-is-thanks-to-the-government","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Write-ups"}]},{"id":"34ytxrNjZtI4T7563XST","title":"Can \"adult\" websites actually \"infect\" your computer?","pathname":"/home/my-projects/write-ups/can-adult-websites-actually-infect-your-computer","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Write-ups"}]},{"id":"Q2XiQvDX7mxeDivazeVG","title":"Free MacOS malware for everyone! Hurry up before Google patches it!","pathname":"/home/my-projects/write-ups/free-macos-malware-for-everyone-hurry-up-before-google-patches-it","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Write-ups"}]},{"id":"5SQ2g6m2sCCDn2fRqIQq","title":"Some quick notes on Microsoft Copilot","pathname":"/home/my-projects/write-ups/some-quick-notes-on-microsoft-copilot","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Write-ups"}]},{"id":"fvGS0gzGmlbdjDblgQ99","title":"r/PiratedGames drama. Is it malware? Yes. Is it cool malware? No","pathname":"/home/my-projects/write-ups/r-piratedgames-drama.-is-it-malware-yes.-is-it-cool-malware-no","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Write-ups"}]},{"id":"6Uclwty26r31nXzjM6ZO","title":"MalwareBytes internals (incomplete)","pathname":"/home/my-projects/write-ups/malwarebytes-internals-incomplete","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Write-ups"}]},{"id":"uzLZR7lf6OZw8Ii8rMht","title":"Smokest Stealer, a new malware family? Maybe?","pathname":"/home/my-projects/write-ups/smokest-stealer-a-new-malware-family-maybe","siteSpaceId":"sitesp_I6Cb5","breadcrumbs":[{"label":"My Projects"},{"label":"Write-ups"}]}]}