made a simple maldev project

made a simple maldev project

remote thread DLL injection, payload obfuscation (RC4 + UUID encoding), and resource‑section embedding. The final loader carries an encrypted payload inside its own .rsrc section, decrypts it at runtime, and injects it into a target process

Ik it's pretty basic😅, so I'll make the following changes to it

  • Avoid writing the DLL to the disk, and directly load it into memory using Reflective Loader or Prepended Loader, and change classic injection with Process Hollowing, or Early Bird
  • Change RC4 to AES
  • Integrate C2 so the enumeration result will be transmitted to the team server using beacon, and not written to a file on system

PROJECT LINK - github link

But I'm going to first practice some Reverse-Engineering on it lol.

would appreciate suggestions and stuff : )

u/adocrox — 3 days ago

looking for a red-teaming grp/team

Thinking about making/joining a team focused on red-teaming, I've been learning by myself for a long time cos i thought group study would slow me down, but i think its the opposite lol

specifically - Windows & AD, OpSec, Maldev and OTD.

A little bit about me, I'm doing CRTO rn, with a bit of Windows Internals, OTD, and DSA (Cos im planning on doing a lot of Evasion, Maldev, OTD, ProLabs this year)... So I'm expecting someone with similar or higher skills lvl

reddit.com
u/adocrox — 12 days ago

how do you guys balance learning with life? and imposter syndrome?

I try to study a lot, at least 6 hrs, tho i've gone up to 9, and as low as 4 (when I'm too busy with housework or sem exams, etc), for context, I've done CRTP, CPTS's course on HTB academy, ~85 machines on HTB, a lot of portswigger academy and a couple vulns on Hacker1 (I'm not really into web so i did bug bounty only for a month)... Now I'm doing CRTO with Windows internal crash course and OTD course... but every time I open LinkedIn, there's a guy doing 100s of challenges on HTB, solving pro labs and everything at once, so it makes me feel like I'm not doing enough.

What skills/achievements are in the top 10% candidates for roles like Red-teaming, VAPT, etc that differentiates them from others

I'm planning to complete Maldev Academy and learn some RE by the end of this year, and move on to Azure AD and HTB's AI red-teaming cert next year.

reddit.com
u/adocrox — 13 days ago

Is CPTS a deal-breaker?

So I've done CRTP, and I'm doing CRTO now, and even though I've done the CPTS course, I don't really wanna do the exam. I do HTB occasionally (I've done around ~70 machines this year), I was planning to do ODPC and/or AORTC along with MalDev Academy, as this stack might tell me I'm more interested in Windows, MalDev, OTD, and red-teaming... I also have 2 vulnerabilities on Hacker1...

I feel like I'd rather do Azure (cos I've done MCRTA from CWL so ik the basics of cloud pentesting) or AI red-teaming... Will not doing CPTS be a deal-breaker for a job-hunting as a fresher (India)

reddit.com
u/adocrox — 22 days ago

made a simple TimeStomping tool, is it *LinkedIn* worthy?

so i made this Timestomping tool using C and Windows API, it changes the Time metadata of the malicious tool to blend with the on-system files for OPSEC (IK it's pretty basic nothing state-level stuff)... my main objective was to get better with Windows API, without using AI...

I expected it to be pretty difficult and lengthy, but it finished in like 30-45mins, and ~90 lines... so is this good enough to post on LinkedIn like "made a small project" stuff...

I've attached the link

github.com
u/adocrox — 24 days ago

Would you still buy certs if they sell just courses(with labs) for 30%

If courses like CRTO, OSCP have an option that you can just buy the courses and labs (but no cert ) @ 70% of the price, would you still pay 100% and get the cert or just 70% and get the course+lab?

reddit.com
u/adocrox — 25 days ago

second-guessing my study plan cos of the amount of domains (and LinkedIn posts)

3rd year CSE student here (graduating in 2028), trying to get into red teaming. I've got time, I have a rough plan, but seeing what other people are doing and what different companies are asking got me second-guessing my plans (every time I,make one)

Here's where I'm at: I've done CRTP, ~75 machines on HTB (60% AD, 40% linux and web), finished most of the HTB Academy Penetration Tester path, studied basic web vulns (client-side and server-side PortSwigger), and found 2 bugs on HackerOne. Currently doing CRTO, and after that I planned to go: Windows Internals → Maldev Academy → ODPC by WhiteKnightLabs → Azure AD — with a bit of reverse engineering on the side. Also want to squeeze in AI red teaming from HTB Academy since that space is blowing up, and I have enough time.

Then I see someone on LinkedIn with 10 CVEs and Bug-Bounties, someone else says web pentesting is a dealbreaker for any beginner offensive sec role and if you can't do web, you won't get hired. I do know web pentesting, but not as good as a pro-BBhunter...

Everyone is saying something different, and it's hard to know who to listen to.

The thing is, the web is not really my thing. I do it because everyone says you have to. I find AD, Windows internals, evasion, and maldev more interesting. I'd rather spend my time building a custom loader or understanding how EDR hooks work than chasing SSRF bugs in web apps. But then I feel like I'm leaving a gap that'll cost me in interviews.

I guess my actual questions are:

  • For red team roles specifically, how much does web depth actually matter vs. AD/maldev/evasion depth?
  • Is CVE hunting on open source projects worth pursuing alongside a red team path, or is it a distraction?
reddit.com
u/adocrox — 1 month ago

second-guessing my study plan cos of the amount of domains (and LinkedIn posts)

3rd year CSE student here (graduating in 2028), trying to get into red teaming. I've got time, I have a rough plan, but seeing what other people are doing and what different companies are asking got me second-guessing my plans (every time I,make one)

Here's where I'm at: I've done CRTP, ~75 machines on HTB (60% AD, 40% linux and web), finished most of the HTB Academy Penetration Tester path, studied basic web vulns (client-side and server-side PortSwigger), and found 2 bugs on HackerOne. Currently doing CRTO, and after that I planned to go: Windows Internals → Maldev Academy → ODPC by WhiteKnightLabs → Azure AD — with a bit of reverse engineering on the side. Also want to squeeze in AI red teaming from HTB Academy since that space is blowing up, and I have enough time.

Then I see someone on LinkedIn with 10 CVEs and Bug-Bounties, someone else says web pentesting is a dealbreaker for any beginner offensive sec role and if you can't do web, you won't get hired. I do know web pentesting, but not as good as a pro-BBhunter...

Everyone is saying something different, and it's hard to know who to listen to.

The thing is, the web is not really my thing. I do it because everyone says you have to. I find AD, Windows internals, evasion, and maldev more interesting. I'd rather spend my time building a custom loader or understanding how EDR hooks work than chasing SSRF bugs in web apps. But then I feel like I'm leaving a gap that'll cost me in interviews.

I guess my actual questions are:

  • For red team roles specifically, how much does web depth actually matter vs. AD/maldev/evasion depth?
  • Is CVE hunting on open source projects worth pursuing alongside a red team path, or is it a distraction?
reddit.com
u/adocrox — 1 month ago

Me after fumbling my first internship interview

I didn't even know what they'll ask, so i prepared questions about my projects (ransomware poc in C using win API and CNG, ssh honeypot in python, priv escalation enumeration tool in PS), spent 3 days learning about pointers and memory management, cloud IAM, and was confident about AD from my HTB & CRTP experience... they asked about ssrf, and very conceptual questions about AD pentesting... (It was a security intern/red teaming intern)

Any tips/suggestions on how i should prep for future interviews?

P.S: mera dukh baatne ki jagah, log mjhse "kahan se apply kia" puch rhe hain

u/adocrox — 2 months ago