/tags/evasion/ Recent content in Evasion on Vanilla InfoSec Hugo -- gohugo.io en Wed, 13 May 2026 00:00:00 +0000 /posts/belphc2---jitter-logic-and-chaos-theory/ Wed, 13 May 2026 00:00:00 +0000 /posts/belphc2---jitter-logic-and-chaos-theory/ BelphC2 - Jitter Logic and Chaos Theory Disclaimer Is this necessary? Probably not… Do I find this cool and do I want to blab about it? Yes! Introduction to Jittering While developing BelphC2’s polling behavior, I had to decide how to generate seemingly random jittering values. Most post exploitation frameworks implement some form of a jitter. The term “jitter” refers to how a post exploitation framework’s beacon/implant manages its communication or ‘polling’ intervals. /posts/introduction-to-process-injection---a-primer-on-the-theory/ Thu, 16 Apr 2026 00:00:00 +0000 /posts/introduction-to-process-injection---a-primer-on-the-theory/ What is Process Injection? In essence, process injection involves: Inserting a block of code (usually shellcode) into the memory space of a process. Process injection is a means to an end for evading on disk detection. Instead of executing malicious code directly via a PE file or script (which could more easily be caught on disk by antivirus or EDR), the code is injected into process memory. While by no means is this a reliably stealthy on its own, it is a fundamental concept needed to be understood before developing more advanced execution workflows.