Tag Archives: vbscript

MiniDumpWriteDump via COM+ Services DLL

Introduction This will be a very quick code-oriented post about a DLL function exported by comsvcs.dll that I was unable to find any reference to online. UPDATE: Memory Dump Analysis Anthology Volume 1 that was published in 2008 by Dmitry … Continue reading

Posted in windows | Tagged , , , | 1 Comment

Shellcode: In-Memory Execution of JavaScript, VBScript, JScript and XSL

Introduction A DynaCall() Function for Win32 was published in the August 1998 edition of Dr.Dobbs Journal. The author, Ton Plooy, provided a function in C that allows an interpreted language such as VBScript to call external DLL functions via a … Continue reading

Posted in assembly, programming, security, shellcode, windows | Tagged , , , , , , , | Leave a comment

Shellcode: Loading .NET Assemblies From Memory

Introduction The dot net Framework can be found on almost every device running Microsoft Windows. It is popular among professionals involved in both attacking (Red Team) and defending (Blue Team) a Windows-based device. In 2015, the Antimalware Scan Interface (AMSI) … Continue reading

Posted in assembly, encryption, malware, programming, security, shellcode, windows | Tagged , , , , , , | 1 Comment