Techniques

TTPs across the kill chain (recon → persistence) and exploit development (ROP, UAF, type confusion, heap grooming).

15 pages in this category.

• AMSI Bypass
• Early Cascade Injection
• EDR Unhooking
• Heap Grooming
• Initial Access — Getting the first foothold inside the perimeter.
• Integer Overflows & Arithmetic Bugs
• Lateral Movement — Reusing access from one host to reach another.
• Linux Process Injection via Seccomp Notifier
• Persistence — Surviving reboots, user logouts, and AV sweeps without lighting up the SIEM.
• Privilege Escalation — Going from the user you landed as to the user (or kernel) you actually want.
• Race Conditions & TOCTOU
• Reconnaissance — Mapping the target before touching it.
• Return-Oriented Programming (ROP)
• Type Confusion
• Use-After-Free (UAF)