37 Commits

Author	SHA1	Message	Date
h3xduck	f175783e9b	New images and explanation for library injection section	2022-07-02 13:50:29 -04:00
h3xduck	2c7b6b9ecf	Final changes and final PDF	2022-06-23 15:17:02 -04:00
jet	ded698411e	new gantt chart fig	2022-06-22 13:08:52 +02:00
h3xduck	500314751b	Completed budget, added gantt chart	2022-06-21 23:13:30 -04:00
h3xduck	5d6619ce40	Finished section 5. Multiple changes in the code according to the performed tests.	2022-06-19 14:35:19 -04:00
h3xduck	bfcbfcfaf2	Added multiple small changes to client and code, submitting almost finished chapter 5	2022-06-18 10:57:10 -04:00
h3xduck	2b719ff0a5	Completed chapter 4	2022-06-16 20:38:15 -04:00
h3xduck	e4737b3272	Completed rootkit client and rootkit user program ring buffer	2022-06-15 22:54:20 -04:00
h3xduck	75e92445e5	Modified terminal names in the client	2022-06-15 19:09:58 -04:00
h3xduck	bdda5c4269	Modified client options once again for screenshots	2022-06-15 18:42:31 -04:00
h3xduck	6f2ef04a92	Completed backdoor and c2 section	2022-06-15 15:40:08 -04:00
h3xduck	8f844c748b	Completed command and control	2022-06-15 12:45:59 -04:00
h3xduck	f09d6a6989	Continued with c2, bit i didnt like the structure, so it needs to be reformatted	2022-06-14 20:31:57 -04:00
h3xduck	9951f3a3fd	Completed execution hijacking, completed first subsection of backdoor	2022-06-14 15:44:21 -04:00
h3xduck	163f923c55	Continued with execve hijacking.	2022-06-13 22:16:34 -04:00
h3xduck	a1a41b02df	Almost completed section about privilege escalation	2022-06-13 15:44:37 -04:00
h3xduck	99ad9c5548	New explanation for the injection technique (alternative scanning process) and added flow diagram with full process.	2022-06-13 10:57:32 -04:00
h3xduck	71b093141b	Further advanced with the library injection, almost finished. Multiple enhancements	2022-06-12 22:34:50 -04:00
h3xduck	0aec74e024	New diagrams, completed rootkit architecture	2022-06-12 08:16:59 -04:00
h3xduck	c14b407644	Added new rootkit overall diagram for architecture section	2022-06-11 22:20:27 -04:00
h3xduck	1595caa8d0	Continued with library injection attack	2022-06-09 22:57:25 -04:00
h3xduck	a46339e912	Finished ROP by jeff dileo	2022-06-08 08:59:32 -04:00
h3xduck	5d67eddfd7	Finished rop explanation	2022-06-07 15:38:42 -04:00
h3xduck	65107f08ae	Finished buffer overflow subsection	2022-06-07 12:52:51 -04:00
h3xduck	92103d234e	Finished analysis of offensive capailities (techniques from defcon finally not included, at least for now)	2022-06-06 20:50:28 -04:00
h3xduck	55378027ab	Completed memory corruption and continued with networking programs.	2022-06-05 21:20:23 -04:00
h3xduck	3f02cd4996	Continued with memory corruption. Only attacks remaining	2022-06-05 09:01:09 -04:00
h3xduck	d4a881540f	Continued with memory corruption study	2022-06-04 08:55:45 -04:00
h3xduck	2c3648a18a	Continued with offensive capabilities, incorporated security features and started with tracing program features	2022-06-02 19:00:10 -04:00
h3xduck	5d5aafb46d	Finished SotA	2022-05-28 09:23:41 -04:00
h3xduck	74e8163791	Continued with eBPF program types	2022-05-26 21:47:28 -04:00
h3xduck	a99c3e0f7d	Continued with architecture, finished JIT, remodelled the second section of sSOTA	2022-05-25 22:00:28 -04:00
h3xduck	820c9f9401	Fixed some diagrams	2022-05-23 08:47:39 -04:00
h3xduck	a27543a7a6	Completed bpf in the history section	2022-05-23 07:08:46 -04:00
h3xduck	c29a99e03f	ALmost completed cbpf explantion	2022-05-23 06:17:21 -04:00
h3xduck	3ec9175053	Continued with the state of the art section	2022-05-22 08:19:32 -04:00
h3xduck	dccea69119	Updating documentation, preparing document with sections and comments	2022-04-27 21:59:56 -04:00