PEunion

Crypter, binder & downloader
  • In-memory decryption & execution
  • Two-layer execution architecture

r77 Rootkit

Ring 3 rootkit - your presence is invisible
  • Hides processes, files, network connections, etc.
  • Out of the box, single file installer
  • Fileless persistence, in-memory injection

0day Exploits

What you penetrate is what you create

List of vulnerabilities that I have personally discovered & PoCs

Living Off The Land

State of the art fileless attacks
  • Execution without any files
  • Process injection
  • Persistence

... It's technically not even there
