Malware development trick - part 35: Store payload in alternate data streams. Simple C++ example. 3 minute read ﷽
Malware development trick - part 34: Find PID via WTSEnumerateProcesses. Simple C++ example. 5 minute read ﷽
Malware AV/VM evasion - part 18: encrypt/decrypt payload via modular multiplication-based block cipher. Simple C++ example. 8 minute read ﷽
