core-jmp

core-jmp

death of core jump

  • Home
  • windows
  • Reverse Engineering
  • exploitation
  • shellcode
  • About
  • Privacy Policy

Homeshellcode

Posts in category: shellcode

Process Injection via Component Object Model (COM) IRundown::DoCallback() for run cmd.exe from lsass.exe or other pids

February 6, 2026
by oxfemale AdministratorBypassingCallbackscppEDREscalationInjectionLoadershellcodewinapiwindows

A PoC/demo demonstrating code injection via COM (using the IRundown::DoCallback() mechanism) to execute a payload in the context of a selected process, including lsass.exe (or any other PID).

Read More
Abusing Microsoft Warbird for Shellcode Execution

Abusing Microsoft Warbird for Shellcode Execution

February 4, 2026
by oxfemale BypassingEDRshellcodeWarbirdwindows

The article demonstrates an EDR bypass by using an undocumented Warbird interface to stealthily load shellcode.

Read More
Living off the Process

Mastering Living off the Process in Offensive Security

February 2, 2026
by oxfemale ASMcppDebugGadgetsROPshellcodeUncategorizedwindows

No need for overusing WriteProcessMemory, VirtualAlloc, injecting a DLL, etc. This way, everything you need to manipulate the remote process is self-contained and already available to the process.

Read More
  • First
  • Previous
  • 1
  • 2

Recent Posts

  • 89 vulnerabilities in XAPI / Citrix XenServer
  • Patchless AMSI Bypass via Page Guard Exceptions
  • A Step-by-Step Guide to Uncovering Vulnerabilities in a Mobile App
  • How Kernel Anti-Cheats Work: A Deep Dive into Modern Game Protection
  • A Shortcut to Coercion: Incomplete Patch of APT28’s Zero-Day Leads to CVE-2026-32202

Archives

  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • November 2025
  • September 2025

Active Directory Active Directory Security Application Security byovd bypass cpp EDR EDR Bypass EDR Evasion EDREvasion Embedded Security Endpoint Security Exploit Development Firmware Reverse Engineering Hardware Hacking Hardware Security injection IoT Security Kernel Debugging Kernel Exploitation macOS Security Malware Analysis Malware Development Memory Corruption Offensive Security Post-Exploitation PPL Privilege Escalation Process Injection red team RedTeam Red Teaming Red Team Techniques remote code execution Reverse Engineering Security Research shellcode Vulnerability Research WinDBG windows Windows 11 Windows Internals Windows Kernel Windows security WindowsSecurity

Categories

  • .NET
  • access
  • ACE
  • ACL
  • Active Directory
  • Active Directory
  • AD CS
  • Administrator
  • AI Agents
  • AI Security Research
  • alloc
  • ALPC
  • AMSI
  • Android
  • Antivirus
  • Apache Tomcat
  • APC
  • Apple Silicon
  • ASM
  • ASR
  • attaks
  • Audio
  • AV
  • BIOS
  • BitLocker
  • Blue team
  • Bluetooth
  • Boot ROM
  • Broadcom
  • BSoD
  • buffer overflow
  • BYOUD
  • BYOVD
  • Bypassing
  • Cache
  • Callbacks
  • Camera
  • CI/CD
  • CIMOM
  • Cisco
  • Citrix
  • Claude AI
  • CLFS
  • cmd
  • COM
  • Command Injection
  • Containers
  • Copilot
  • Cortex XDR
  • CPL
  • cpp
  • CPU
  • Credential Attacks
  • Crypt
  • Cryptography
  • CryptoPro
  • CSRF
  • DCOM
  • Debug
  • Defender
  • DEP
  • Deserialization
  • DFIR
  • DLL Sideloading
  • DMA
  • DNS
  • Driver
  • dump
  • EDR
  • Embedded
  • Encryption
  • Escalation
  • ESP32
  • ESXi
  • Evasion
  • Eventlog
  • Exploit Development
  • exploitation
  • filesystem
  • firmware
  • Flash
  • FreeBSD
  • Gadgets
  • GATT
  • Ghidra
  • Hardware
  • Hooking
  • Hyper-V
  • Hypervisor
  • Impacket
  • impact
  • Injection
  • IOCTL
  • IoT
  • IPC
  • IRP
  • Java
  • JIT
  • JWT Security
  • Kerberos
  • kernel
  • kernel-mode
  • LDAP Relay
  • Library
  • Linux
  • LLM
  • LLM Exploit Development
  • LNK
  • Loader
  • LOLExfil
  • LSA
  • LSASS
  • Machine Learning
  • MacOS
  • Malware
  • MCP
  • MS-DOS
  • MS-EVEN
  • MS-LSAD
  • MS-SAMR
  • Network
  • NTLM Relay
  • NVMe
  • ODR
  • Palo Alto
  • PBA
  • PCI
  • PEB
  • Penetration Testing
  • PHP
  • pipe
  • Plugins
  • PoC
  • powershell
  • powershell
  • PPL
  • Privilege
  • Privilege Escalation
  • Protection
  • PXE
  • Python
  • QEMU
  • Race Condition
  • radare2
  • RCE
  • Recall
  • Recovery mode
  • RedTeam
  • Registry
  • Reverse Engineering
  • root
  • ROP
  • RPC
  • RTTI
  • Rust
  • SAM
  • Secure Boot
  • Security
  • Security
  • shellcode
  • Shortcut
  • SPI Flash
  • Stack Overflow
  • STM32H5
  • TCP/IP
  • TEB
  • Telegram
  • Telnetd
  • TPM
  • UAC
  • UART
  • UEFI
  • Uncategorized
  • USB
  • Use-After-Free
  • user-mode
  • Virtualization
  • VMProtect
  • VMware
  • Warbird
  • WASM
  • WEB
  • winapi
  • winapi
  • WinDBG
  • windows
  • Windows Admin Center
  • Winsock
  • WMI
  • WML
  • Wordpress
  • WSL
  • XenServer
  • Xiaomi
  • XML
  • XNU Kernel
  • XSS
  • XXE
Log in
    © 2026 core-jmp. All rights reserved.
    Shopping Basket