Home
All Posts
Tags
About
Atom feed
How to create your own mythic agent in C
May 23, 2024
27 minute read
Written by @ZkClown & Ze_Asimovitch
Table of Content
Abstract
Understand the framework
Mythic
Let’s start our Mythic instance
Create our payload and translator
Create our Skeleton
Customise our skeleton
Agent side
Translator side
Create communication diagram
Craft your own protocol
Understand what Mythic wants
Check-in
Get Tasking
Post Response
Crafting the agent’s architecture
Project structure
Ceos configuration
Implementing the communication
Package and Parser
Transport
...
read more
How to perform a Complete Process Hollowing
January 24, 2024
36 minute read
Written by @ZkClown
Table of Content
Abstract
Basic Process Hollowing
Definition
Start a suspended process
LoadPE and Retrieve NT Headers
Allocate Memory
Copy PE in target process
Image base Relocation
Changing the entrypoint and resuming the execution
Make the remote process load the required libraries
Load an arbitrary DLL in a remote process
Resolve injected PE IAT to make the remote process load all the dependencies
Resolve the functions and libraries addresses on the remote process
Retrieve the libraries and function addresses
...
read more
