Recent Incantations

2026-04-11 Injection new
C++ Win32 Sliver Donut malware

Early Bird APC Injection

From Meterpreter to Sliver + Donut

Read spell →
1183 words 6 min
2026-04-04 Initial Access new
Windows Office VBA Macro

Weaponizing Office Documents - Part 1

Macros Are Not Dead

Read spell →
715 words 4 min
2026-04-01 Injection new
C++ Win32 malware

Process Hollowing

Wearing Another Process's Skin

Read spell →
1230 words 6 min
2026-03-30 Injection
C++ Win32 injection malware

Classic DLL Injection

A brief look at the classic injection technique

Read spell →
317 words 2 min
2026-03-29 Windows Internals
C++ Win32

Handles for Beginners

Practical guide to start Windows System Programming

Read spell →
861 words 4 min
2026-02-19 Malware
C++

The Master Boot Record and the MEMZ trojan

512 bytes to boot your pc

Read spell →
947 words 5 min
2026-02-14 Windows Internals
thread TEB WinDbg C++ User Mode

Thread and Execution Flow

Master scheduling context and execution state

Read spell →
2739 words 14 min
2026-02-10 Windows Internals
Windows WinDbg C++ User Mode PEB

Inside the Windows Process

A deep dive into the Windows Process

Read spell →
2484 words 12 min
end of current inscriptions