[KR] Userland Hooking

Disclaimer: There is no novel research/content in this blog post, nor do I claim any work in this blog post to be mine (it’s not). This post is just a personal study note that I use for personal reasons while I study others’ work regarding offensive security tradecraft.…

WinAPI, Covenant, Donut, and Custom Dropper

Summary: [Figure: Covenant dropper in action] For the past couple of days, I have finally decided to dive deeper into the world of custom payload generation. So I have created a very simple custom dropper utilizing WinAPI [https://docs.microsoft.com/en-us/windows/win32/apiindex/windows-api-list] through C++, Covenant agent [https:…