Articles by Shayan Ahmed Khan

Ghost in the system, Malware Defense Evasion
In this article, I'll be discussing a list of interesting Malware Defense Evasion techniques. These techniques have been extracted from…
Aug 7

Layers of Deception: Analyzing the Complex Stages of XLoader 4.3 Malware Evolution
XLoader, an advanced evolution of the FormBook malware, stands out as a highly sophisticated cyber threat renowned for its dual…
Jan 23

From Infection to Encryption: Tracing the Impact of RYUK Ransomware
Ryuk ransomware is a very famous and deadly piece of malware that was first discovered in mid-2018 and has been active since. There are…
Nov 26, 2023

Decrypting the Mystery of MedusaLocker
In this analysis, I will not cover stage 1 and stage 2 of MedusaLocker, which include initial access using a maldoc and execution using a…
Nov 13, 2023

RevEnge! Reverse Engineering android apps to bypass SSL pinning for mobile app pen-testing
This is the second part of my two-part blog series on mobile app pen-testing and reverse engineering. In the first part, I explained how…
Oct 31, 2023

Secrets of commercial RATs! NanoCore dissected
This article includes the technical analysis of a commercial RAT which is easily available on the black market for a cheap price. NanoCore is a…
Sep 21, 2023

RevEnge! Reverse engineering android apps to bypass root detection capabilities for mobile…
Root and emulator detection capabilities are common these days in most Android apps, which makes it harder for pen-testers and…
Nov 5, 2022

The epitome of evasion! A custom shellcode
Shellcode injection is one of the most used defence evasion techniques because shellcode is injected into volatile memory; therefore there…
Apr 9, 2022

Reverse Authentication! How I diffused infamous bomb.exe in one hour
Reverse engineering is a very powerful technique to audit software and analyze malware samples. While this technique is very useful in…
Mar 23, 2022

Change your DNA! Shuffle the bytes
In security testing, a single variant of malware is tested on different systems, and the main problem with this approach is that if a…
Mar 15, 2022