Linux Process Evasion: ptrace & prctl
Stop analysts in their tracks. Learn how to leverage PTRACE_TRACEME and PR_SET_DUMPABLE syscalls to harden your agents against debuggers and memory acquisition.
X64
Linux x64 Assembly: The Anatomy of Syscalls and the Secrets of the .bss Segment
Go behind the scenes of the Linux Kernel. Learn the register protocol for syscalls and why the .bss segment is essential for efficient, zero-disk memory reservation.
ICMP-Ghost: A Technical Analysis of Low-Level Network Communication in x64 Assembly
Meet the ghost in the machine. ICMP-Ghost uses zero-dependency x64 Assembly to bypass EDRs. Learn how fileless execution and ICMP stealth communication work at the syscall level.
Network Programming in Assembly: A Single-Pass Algorithm for Printing IP Addresses
Printing 192.168.1.5 instead of 5.1.168.192 is a common Assembly pitfall. Master a backward-build algorithm that handles Byte Order conversion without extra memory cycles.
Building a Low-Level ICMP Sniffer in x64 Assembly (Raw Sockets)
Scapy or C are easy, but true control lies in the CPU cycles. Learn how to build a raw socket sniffer from scratch in x64 Assembly, bypassing libc for pure kernel interaction.