About Me
Hey, I'm Arth, a Computer Science graduate who loves Cybersecurity and suffers in an abusive relationship with coding but still manages to love it somehow. I like to make my own tools from scratch, and I usually work with languages like:
- C
- C++
- x64 asm
I specialize in writing low-level code and reverse engineering. I like to find vulnerabilities and create exploits to do adversary simulation and test the limits of modern security. I also work with radio frequencies using my HackRF One to research security in wireless technologies. Due to the nature of my work, here's a lil warning for anyone who visits this website.
The information you gather from my blogs, all the techniques, proof-of-concept code, or whatever else you may possibly find here, is strictly for educational purposes.
Background
Playing around in my dad's embedded systems lab from a very young age led to a lot of exposure to hardware, robotics, microprocessors, etc., and I developed a habit of tinkering with anything that I could find. I made many hardware projects and eventually started to learn C. My first application, which I was very proud to make, was a simple console-based snakes game written purely in C.
Reading the source code now, I do think it looks very naive but yeah, it was the start of an interesting journey. A journey I never knew I was gonna walk :)
What is this website?
This is a website I wanted to make for a long time but ended up actively avoiding facing this hassle. So now that I made up my mind, I will use this website to document my projects and also explain some of the stuff that I learnt.
I have arranged my work in different categories in the left side menu. You can also start with one of these projects. Feel free to explore:
- YetAnotherGate
- Remote Access Trojan
- Reflective Loader
YetAnotherGate is a Syscall engine which focuses on stealth.
It can produce ~2000 different indirect syscall stubs which are obfuscated at runtime via un-optimization.
RAT is a framework which supports end-to-end Windows payload delivery from the initial infection to complete system takeover.
It uses YetAnotherGate, YetAnotherReflectiveLoader and a custom communication logic to stay stealthy.
YetAnotherReflectiveLoader is an advanced PE injection tool.
It maps payloads completely from memory without touching the disk and unlinks VAD entries to hide the payload.
A nice little thing I must add is that I am just like any other guy who is learning Cybersecurity. I do not know everything that is out there and I will tend to make mistakes in my code and in the logic I develop. There must be a better way to do whatever I write. I am open to hearing suggestions and learning more.
Upcoming Content
- About Me
- Polymorphic Syscall Engine
- Reflective DLL Injection via Manual Mapping
- Position Independent Code
- VAD Unlinking
- Fake DriverObject
- Kernel Callback Integrity Bypass
- Return-oriented programming
- Remote Access Trojan
- Network Lib.
- VM Detection
- Very Advanced Web Scraper, etc.
