Internals

Combining PPID Spoofing, Module Stomping, RC4 encryption, and native NT API enumeration into a single injection framework — built from scratch to understand how modern evasion techniques work under the hood.

Manual PE backdooring from scratch: code cave injection, new section addition, XOR evasion, and Adaptix C2 beacon delivery inside a legitimate PuTTY binary.

Deep dive into the Windows PE file format and runtime process inspection via PEB walking — parsing headers, import/export tables, and the loader module list.