• Posts
Projects
• Bypassing Applocker+AMSI+Defender in 2024
• Home VPN Setup with PFSense
• MalDev
Resources
• My Favorite Resources
• PenTest+
Tools
• Meterpreter
• OpenCanary

Malware Development #0

Brief Project Overview Malware development has been something that has interested me; however, most of my success in customer engagements has been due to using publicly available tooling, not my own work. This blog post will hopefully document my process into creating a custom HavocC2 loader bypassing several EDRs. Many topics on malware development exist, but I find that writing/teaching about a topic forces me to understand it more deeply.

Wednesday, December 10, 2025 | 3 minutes Read

Bypassing Applocker+AMSI+Defender in 2024

Introduction Malware development and EDR/AV evasion is a constant cat and mouse game. Evasion techniques are discovered, popularized, and then shortly detected. This is a combination of several techniques learned while taking Offsec’s Offensive Security Experienced Professional (OSEP) course. As of July 2024, this method will successfully run Malicious PowerShell on a fully patched Windows system with Applocker, AMSI, Constrained Language Mode (CLM), and Defender. PowerShell can then be used to perform recon like WinPEAS.

Monday, June 8, 2020 | 2 minutes Read

Home VPN Setup with PFSense

Introduction Setting up PFSense as a VPS within your home environment will provide several benefits. First, all your home network traffic will be protected by a well developed and capable next generation firewall. PFSense has been around since 2006 and has continued to grow in support and development making it an extremely advanced open source security solution. Although I will not go into it within this post, PFSense has a package manager that can be used to install additional tools like Snort, Suricata, pfBlocker, Squid and more.

Monday, June 8, 2020 | 6 minutes Read