URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Submission: On October 21 via manual from BR — Scanned from DE

Summary

This website contacted 8 IPs in 1 country across 7 domains to perform 91 HTTP transactions. The main IP is 2606:4700:4400::6812:282f, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is www.ired.team.
TLS certificate: Issued by WE1 on October 21st 2024. Valid for: 3 months.
This is the only time www.ired.team was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
72 2606:4700:440... 13335 (CLOUDFLAR...)
3 6 2606:4700:7::... 13335 (CLOUDFLAR...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2600:9000:249... 16509 (AMAZON-02)
7 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
91 8
Apex Domain / Subdomains / Transfer
72 ired.team (656 KB)
  • www.ired.team
7 fontawesome.com (3 KB)
  • ka-p.fontawesome.com — Cisco Umbrella Rank: 3223
6 medium.com (4 KB)
  • miro.medium.com — Cisco Umbrella Rank: 16623
4 gitbook.com (6 KB)
  • integrations.gitbook.com — Cisco Umbrella Rank: 176445
  • app.gitbook.com — Cisco Umbrella Rank: 98859
  • api.gitbook.com — Cisco Umbrella Rank: 89794
1 gitbook.io (13 KB)
  • 386337598-files.gitbook.io
1 iframe.ly (8 KB)
  • cdn.iframe.ly — Cisco Umbrella Rank: 29256
0 rayanfam.com Failed
  • rayanfam.com Failed
91 7
Domain Requested by
72 www.ired.team www.ired.team
7 ka-p.fontawesome.com www.ired.team
6 miro.medium.com 3 redirects www.ired.team
2 api.gitbook.com www.ired.team
1 app.gitbook.com www.ired.team
1 386337598-files.gitbook.io
1 cdn.iframe.ly www.ired.team
1 integrations.gitbook.com www.ired.team
0 rayanfam.com Failed www.ired.team
91 9

This site contains links to these domains.

Domain
www.gitbook.com
posts.specterops.io
rayanfam.com
policies.google.com
Subject            Issuer                                      Validity                 Valid
www.ired.team      WE1                                         2024-10-21 - 2025-01-19  3 months
gitbook.com        WE1                                         2024-09-09 - 2024-12-08  3 months
*.iframe.ly        Amazon RSA 2048 M03                         2024-09-23 - 2025-10-22  a year
*.fontawesome.com  DigiCert Global G2 TLS RSA SHA256 2020 CA1  2024-07-30 - 2025-01-27  6 months
gitbook.io         WE1                                         2024-10-05 - 2025-01-03  3 months

This page contains 1 frames:

Primary Page: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Frame ID: 293E76F09C904B2BB1F2E5A57ABEF977
Requests: 90 HTTP requests in this frame

Page Title

Detecting Hooked Syscalls | Red Team Notes

Detected technologies

Overall confidence: 100%
Detected patterns
  • medium\.com

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

Requests: 91
HTTPS: 93 %
IPv6: 100 %
Domains: 7
Subdomains: 9
IPs: 8
Countries: 1
Transfer: 690 kB
Size: 2708 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://miro.medium.com/fit/c/152/152/1*sHhtYhaCe2Uc3IU0IgKwIQ.png HTTP 301
  • https://miro.medium.com/v2/resize:fill:152:152/1*sHhtYhaCe2Uc3IU0IgKwIQ.png
Request Chain 52
  • https://miro.medium.com/fit/c/152/152/1*sHhtYhaCe2Uc3IU0IgKwIQ.png HTTP 301
  • https://miro.medium.com/v2/resize:fill:152:152/1*sHhtYhaCe2Uc3IU0IgKwIQ.png
Request Chain 56
  • https://miro.medium.com/fit/c/152/152/1*sHhtYhaCe2Uc3IU0IgKwIQ.png HTTP 301
  • https://miro.medium.com/v2/resize:fill:152:152/1*sHhtYhaCe2Uc3IU0IgKwIQ.png

91 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request detecting-hooked-syscall-functions
www.ired.team/offensive-security/defense-evasion/
892 KB
71 KB
Document
General
Full URL
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1b50f21c42edadd7bd1b9bddf3567d482f88ec87f70dd3e8a0ac16b4f577ac9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'nonce-NTY1MWY0N2UtY2RiOS00MzU2LWJiNGUtOGJjNTYyZTkyZTY3' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
82765
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, s-maxage=86340, stale-if-error=0
cf-cache-status
HIT
cf-placement
remote-LAX
cf-ray
8d62c3804c0bd389-FRA
content-encoding
gzip
content-security-policy
default-src 'self'; script-src 'nonce-NTY1MWY0N2UtY2RiOS00MzU2LWJiNGUtOGJjNTYyZTkyZTY3' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
content-type
text/html; charset=utf-8
date
Mon, 21 Oct 2024 16:53:25 GMT
last-modified
Sun, 20 Oct 2024 17:54:00 GMT
link
</>; rel=preconnect; crossorigin=""
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dGklbUmNhX9mqYd3crabieYN9CmHvCq1Jb1fW4TOIV7xhF6rQxhLPH6VOsINOTwpepA%2B%2FZS9vh8uf4mNZEJ9gk7p52yrRIvmHN%2BA8GY7%2F1oPmF7RZjVI04hRO70GKvqAPGkx0cuJ2NIdR6NGcWY0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-content-type-options
nosniff
x-edge-runtime
1
x-gitbook-cache
hit
x-gitbook-cache-tag
release-10.9.908,site:site_gkbDu
x-gitbook-version
683373b
x-matched-path
/[[...pathname]]
image
www.ired.team/~gitbook/
2 KB
3 KB
Image
General
Full URL
https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fspaces%252F-LFEMnER3fywgFHoroYn%252Favatar.png%3Fgeneration%3D1536436814766237%26alt%3Dmedia&width=32&dpr=1&quality=100&sign=30f7a879&sv=1
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a78b181f45d9e634b417c7afec8b19db8fa8e37530bbd3c409afb2075e56d97b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
cf-cache-status
HIT
etag
"cfoXKDdJgtkMwd988FhqEmHA5tU6gqPBQBxcJz1GjfDQ:2965c5f978755802debc0291c5574853"
age
320408
cf-bgj
imgq:100,h2pri
cf-resized
internal=ram/h q=0 n=0+7 c=0+7 v=2024.9.3 l=2162 f=false
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pv%2BS7iUlqEeXZNIj0%2B33cHTZsc6ato%2F1T3l5kRvvP8LQIFTbS4VcRRXBEKE4%2BUL9smrwcuLdw1tzpQ%2BKgOxHWte%2Fmz0ELWV0dydfiCoL8FlMc2Y%2BwEzArFuKKt8ALkkt6bsHp1by01qRgKMjLIHu"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-matched-path
/~gitbook/image
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
image/avif
last-modified
Fri, 11 Mar 2022 05:32:10 GMT
vary
Accept, Accept-Encoding
cf-placement
remote-SJC
strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d62c380fe5ad389-FRA
accept-ranges
bytes
content-length
2162
server
cloudflare
1*sHhtYhaCe2Uc3IU0IgKwIQ.png
miro.medium.com/v2/resize:fill:152:152/
Redirect Chain
  • https://miro.medium.com/fit/c/152/152/1*sHhtYhaCe2Uc3IU0IgKwIQ.png
  • https://miro.medium.com/v2/resize:fill:152:152/1*sHhtYhaCe2Uc3IU0IgKwIQ.png
3 KB
4 KB
Image
General
Full URL
https://miro.medium.com/v2/resize:fill:152:152/1*sHhtYhaCe2Uc3IU0IgKwIQ.png
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H2
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed9f0a65ac54e9a7eef4d939591879eb7d1ad35c2f2e144dee089aa5c14032b4
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-request-id
1044461c-f034-4610-80e2-a34222c4c19d
cf-cache-status
HIT
etag
"p1beuTybJAT4iEnDIs2YasjPcpbofVcNkhY7q4ewiYk/RImIwNzg2ZDYyMTY4MjdiNjUxY2RjODUzNDIyMDJiMDIxIg"
age
427549
x-content-type-options
nosniff
expires
Tue, 21 Oct 2025 16:53:25 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
image/png
content-disposition
inline; filename="1*sHhtYhaCe2Uc3IU0IgKwIQ.png"
medium-fulfilled-by
miro-v2/main-20240226-230532-797fb80223
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
sepia-upstream
medium
content-security-policy
script-src 'none'
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
82
cf-ray
8d62c381b90a2beb-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3489
server
cloudflare

Redirect headers

cf-cache-status
HIT
age
5559
x-content-type-options
nosniff
expires
Mon, 21 Oct 2024 18:53:25 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
location
/v2/resize:fill:152:152/1*sHhtYhaCe2Uc3IU0IgKwIQ.png
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
miro.miro-production.svc.cluster.local:80/*
cf-ray
8d62c38178cd2beb-FRA
access-control-allow-origin
*
content-length
0
server
cloudflare
rayanfam.png
rayanfam.com/wp-content/uploads/sites/2/2018/04/
0
0

1be06719d4376690.css
www.ired.team/_next/static/css/
83 KB
6 KB
Stylesheet
General
Full URL
https://www.ired.team/_next/static/css/1be06719d4376690.css
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98222d2a280cd40b1214f296463ec8faf2fa7e700fc202d50822fe10939da3b2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"e11ba0ea2cb3bb015fe7173cc0e07fa8"
age
419182
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nfWPxMU6f2ssaTjLoIeZDY525C4CEgbSMHAYhOs0Yn%2F49qBwkP%2B%2FnRKLcXM0FVS2aPe4sWbsQqGSUloRAcikuCMNJaS%2F7oUDQKurx3%2BfMnQb0TzEYoyLkB1rkR3udjNuv6OKmsl0fDyxWL273rIx"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c380fe5dd389-FRA
access-control-allow-origin
*
server
cloudflare
99f50cfb598d2941.css
www.ired.team/_next/static/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.ired.team/_next/static/css/99f50cfb598d2941.css
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
292339afa6df803ce7fc3215663b3c22e250c3ee07a8ba221a3f250d66f3c729
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"1def430ea4a9c808cbdb7d7970875196"
age
419182
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X8E6WSBW1BnWvtCp3XhKuFMEC6VzM%2FsucIURHHnKB9rf6Nf5sdBFaAVe1%2FbKQWH5GUwQOithDFX3Szmde6fmm0VJwrmqSXXL6QGweXb%2FsD%2BBbERQrzXL2JnnY53XA2uWCSLeTC0SDR7d3DlmTsXL"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c380fe66d389-FRA
access-control-allow-origin
*
server
cloudflare
d42d805b938873da.css
www.ired.team/_next/static/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.ired.team/_next/static/css/d42d805b938873da.css
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0923585726b1c442b4eea4c6d413f96228a31247249e7693aeea3cd08c6411e0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"1b85858f0c97b5c863bceb11a89dc36f"
age
641040
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fUaYgHwFT0HoNWDlgTuoKJa%2FnXLkvsTlZ1nOSQn8m66ObZ1lMVY7mg%2BCNGPJx54nUwllK5Xm5ZZldlvLwdloTfozeegXgv3rgTqltxfWE69M7j4yVKj%2BCXfw2B8hOKdtaWcfeZY1JsclYe6TDzDf"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c380fe6ad389-FRA
access-control-allow-origin
*
server
cloudflare
b8003ae5eddc7fc0.css
www.ired.team/_next/static/css/
115 KB
18 KB
Stylesheet
General
Full URL
https://www.ired.team/_next/static/css/b8003ae5eddc7fc0.css
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
babb9dcead046e13ec999b9472b38cdf93495c6bfd83cca8ece45263edf95015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"c1ac167154954504392131add206dca6"
age
287085
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=woMx7IgFP%2F7xjTIYc%2Bm39kiZmZ4e5pRo2XWUewFqASW6jepxZbugkuDtpnE%2BsNHNz1IfDolgQE2zeFWaUKbsL1GBVrr6TEQJ2ok3G1RetqiYA0RGe%2BJallSWUxZKsRbEQRwAbPQAuIy5FrPeiXv6"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c380fe6dd389-FRA
access-control-allow-origin
*
server
cloudflare
c311d6484335995a.css
www.ired.team/_next/static/css/
159 B
677 B
Stylesheet
General
Full URL
https://www.ired.team/_next/static/css/c311d6484335995a.css
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41f90d66e405853ca80d4d66f4bd8ea768a4a85b600ca29773c1c499b1e17933
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"364b2d277bf4a05a73929b8017a11307"
age
6943287
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FfFvmQ0XmwJoaXyoe8h6paEqmhKhl3TSiHTnZFiKCGoqfkSmgznPPWiBSNSmn%2B3Zs3CA7E9PQZO6glBLt6BD5u06n3KVhXhXIq40ANsK9a4Jf26Zu2iul9hS7KLdVCFPNBoBH7ukN2Mw4xaPpehI"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c380fe70d389-FRA
access-control-allow-origin
*
server
cloudflare
5a687dea857dc6f5.css
www.ired.team/_next/static/css/
2 KB
968 B
Stylesheet
General
Full URL
https://www.ired.team/_next/static/css/5a687dea857dc6f5.css
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5a21135eee7aaea6067c49dd95606e4d7cd18da50e4adcb9ba7f27f7be48f4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"51931c9b075b881dade0ac96d5fdc570"
age
641040
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yX2chpd10TpoLL8Sgqafjiot3C3ayA8LvSbipNoW851N7PL6OPI4KT%2F8CfudYnXKRnEQETu6yW1%2BEfuNNCEzJJB3ccH6yijXeNkN%2FAVA7ST59WiaHPNoVb8fBEpGV7YQ9k8WEeHAdzQU3YnZxy9S"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c380fe75d389-FRA
access-control-allow-origin
*
server
cloudflare
d7e56998c334f5b9.css
www.ired.team/_next/static/css/
28 KB
4 KB
Stylesheet
General
Full URL
https://www.ired.team/_next/static/css/d7e56998c334f5b9.css
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eed648501b56d6419b3c6e4ae904b243b8804b03b5df320e7af59fb54e7a61d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"134405e836608d5143a718735b6fd4d5"
age
636289
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ux%2BPj2LtUhUajYg6HXtWV%2BPPuKb6453j4Cot9pSt%2Fy6JHBnrk2%2F%2BnShsVUQDZBqetC5bN6XssJnxecEO3Gq%2BoAZWTv%2FZZ7xHEaTHpjrDUdPDwyePa8oFCXI7hgCkZWQtl7Kf9jbHcX18fL7jYiez"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c380fe78d389-FRA
access-control-allow-origin
*
server
cloudflare
86d6274f3e6d760c.css
www.ired.team/_next/static/css/
78 KB
6 KB
Stylesheet
General
Full URL
https://www.ired.team/_next/static/css/86d6274f3e6d760c.css
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c780179fdc6281a24a03367341c70e2bd004f4f352299aea60d978ba6845253
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"c600b2ab2b7f888009bb0ec7eb0b025e"
age
636289
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=63jhpYdfOqw1hJ8a0heKA6szveZbms5APT3wiwmUpmJakCdFcwGIQpFY%2FZ7fU3ydMxYwbS4ngG0a6T0TN2NdsM%2BkYrhdjw1W6muzwXdRpGJUmbr%2BUoCmN8ZwlbO6VnjY9BrtHLxvYKXqJ25uRa0c"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c380fe86d389-FRA
access-control-allow-origin
*
server
cloudflare
829150f9e3c1e921.css
www.ired.team/_next/static/css/
8 KB
3 KB
Stylesheet
General
Full URL
https://www.ired.team/_next/static/css/829150f9e3c1e921.css
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b22a4bcd64e3cfbbe6845cb14f4d1a8ad81a161adadfb5b72a3dd4a8f9fc35
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"e045de57c6dd050e2f1082ea88450c4e"
age
3913644
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6B%2B1MC%2BdUVt1NKoy8n91%2BmReL1rfkszMxanJM0cA7gCZeqXrjcX%2BcPEZY0pzy2lpFPp2LbIVwTK2Ii41E79pvFeOm89pQFHdLOUYq9Z6nWdHINYc8%2Bk%2FH8X%2BRPy%2FFSMYKTmq%2FAk46BdAD85TtP2K"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c380fe89d389-FRA
access-control-allow-origin
*
server
cloudflare
0f891de5863d7182.css
www.ired.team/_next/static/css/
139 B
694 B
Stylesheet
General
Full URL
https://www.ired.team/_next/static/css/0f891de5863d7182.css
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a65540109ec1e413cd9314ca8e3d8828fc8ea866765c189664e4b95f78307cc4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"1c37a7a1d40c67136443657ad9b33dc0"
age
1765093
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a6pa3rbmE0AAp3210CLGBotxY7IgaT%2Fvr4ChhQemGpfIcPbFOVtoToP0ndIJuFL750YkneKpfp66zavVBs1FhiBuQ6YwedtWmCSDe%2FVHkHdJuNLAZSRMIfzpEoVF5W2OZpGDfeI6%2FUZIIqeDOytw"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c380fe8bd389-FRA
access-control-allow-origin
*
server
cloudflare
webpack-ccdbd27c4d532c61.js
www.ired.team/_next/static/chunks/
7 KB
4 KB
Script
General
Full URL
https://www.ired.team/_next/static/chunks/webpack-ccdbd27c4d532c61.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
880374dcdc4228f36daaf1fd6c09a5f11020a491cf6a8093bb82b592c129b15f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"b2a0b664a35ec952705ebab8ed5dc02d"
age
636289
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qx9ulHsqx4Id2OHQ2PKpckzkESazMnUtxk3jZLPGg8r5wlv%2BAeGeUL2dnqzgb4oaEstuAPZNkRyGUeJnS9hmtNJCfuedbm%2FKEtz%2FV2bXS1bZ6FOWicPY1hOMn3bLbPDQQzfjBsf6N2PEuczS4HhK"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c3819882d389-FRA
access-control-allow-origin
*
server
cloudflare
1dd3208c-9bac9b3d380154cf.js
www.ired.team/_next/static/chunks/
169 KB
53 KB
Script
General
Full URL
https://www.ired.team/_next/static/chunks/1dd3208c-9bac9b3d380154cf.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e7941db35d4dec890f4d74a0eeae7a49be4d7c6b7fab5575e130d7779dea5d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"bcf225eee9f5c2d93bab731b9031bb63"
age
636289
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9nAyLSOBE6lA8NwDKrtfNU%2BbGPA2matB4dUGrT0GjQSn02H02GIJgypiymeE%2BBrVDucFXBWBoLX3vGOnbeSKXoY5hpg9EYj4F08oPqsz7FKs7ZO5HmDe3kngm7pcN76Uj7oBYstqV19pIShAiyS3"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c381a890d389-FRA
access-control-allow-origin
*
server
cloudflare
9978-3862268d52c1b071.js
www.ired.team/_next/static/chunks/
173 KB
48 KB
Script
General
Full URL
https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7af9d5087b0dafff9832b150fcc82fd557f517cd20751dfe2764a39719d1d48a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"72c074326f801429cb86aa62a6e2ab8c"
age
636289
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i8s%2FObJu%2Bhah3Th1r9zDjv1MuCsLkMhllYleAIHaBC806oOtuJOv9h2loSmfLOI2%2F7zni2RXbIY3ErfWCU1bKzF0B209YZ70kM6fVdd8OluS%2BBISx3PlAKSremJ%2FkJ7ZphHnUMI4YSYvo6CBiAmn"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c381a89cd389-FRA
access-control-allow-origin
*
server
cloudflare
main-app-9821c05608f1c58f.js
www.ired.team/_next/static/chunks/
978 B
1006 B
Script
General
Full URL
https://www.ired.team/_next/static/chunks/main-app-9821c05608f1c58f.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d657ff7eac3f415f5fc163b78582698e1327e708fe61382ec180e82017cd1411
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"74d09e07726de4ab5e1c1d0dec3842d2"
age
107477
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sIY1HPsjLiKignmHkfhhOK5MWqpxiXNYwmMQLsB7fKW2qBgTq%2B6T6Ke0JK3j3uZ1VDCPn9MC%2BskZAxgf6zzUapUnlZwv0Y374C6mnq491INax%2Fp6zjkHenELM4ObGQPF1uQ%2FcKqSb183GcaxvG79"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c381a8a2d389-FRA
access-control-allow-origin
*
server
cloudflare
global-error-e59e6ed2c4913f27.js
www.ired.team/_next/static/chunks/app/
6 KB
3 KB
Script
General
Full URL
https://www.ired.team/_next/static/chunks/app/global-error-e59e6ed2c4913f27.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0346969443c08e43b6096508c688c22b45eb79f86f86a827d55d790e54c65350
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"e829c4d0ddddb5c0ff06ae5096fd1a89"
age
636289
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hMZEsYeCm69EMaSiO1%2BJYFug3RBssGDHvUMZZwZN9zYn5hqTyzef747InjyHxmVeI50cniIvK0E4aabnW62Bs8X3aORnMAVCzl0pwPZGthxxW1MrgV3QtIrcYxFPPYQaU0L7O5jbFmzjZUnzSPjj"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c381a8a5d389-FRA
access-control-allow-origin
*
server
cloudflare
b5d5b83b-f6b37054a7ef9b06.js
www.ired.team/_next/static/chunks/
72 KB
22 KB
Script
General
Full URL
https://www.ired.team/_next/static/chunks/b5d5b83b-f6b37054a7ef9b06.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ffe11485c88e258c8237db00c8f412aafa3f08f9236721996ad6f2a18669e56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"f4344daa91574bc421656ad6e31c02e4"
age
636289
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sbFwoFz3CPDY9XItuhwszRySSR1XCcccx8f%2BIllnp0zfVXe7uQn%2FRRRzkQgROE2pO5h%2F9cJWghhJtt6sefXo0SGkk0BbtKU%2B9dzCYgDvaZ7rx7VdtOPX%2F1lR2rWzZsHoRTiQpeIOutgwJjdSchqe"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c381a8a7d389-FRA
access-control-allow-origin
*
server
cloudflare
7609-490f3ca2eefe113b.js
www.ired.team/_next/static/chunks/
40 KB
13 KB
Script
General
Full URL
https://www.ired.team/_next/static/chunks/7609-490f3ca2eefe113b.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d5bf07c7191ad1ae3d2ffec50b6820ee42b349716766cecfd82ff09e8f63f8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"25a3a20d3186278479b669cfbc67a9c9"
age
636289
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3CZobjVi%2FmsVLF1Ufcjrvzp36WbHNwQgK8LK4tKXgXGdMBTVhgA1T9hiTn0QlfRI17lR0NjGla7YSLKahBskdh0NhAfZDtOZnECfNTLQOOYm%2Bq4oJzQeAnZLZUEax8GMKb4XVFXX2%2FLtwXz9gJVp"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c381a8aad389-FRA
access-control-allow-origin
*
server
cloudflare
1281-fa67e30624d328a4.js
www.ired.team/_next/static/chunks/
9 KB
4 KB
Script
General
Full URL
https://www.ired.team/_next/static/chunks/1281-fa67e30624d328a4.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c93d0b2d7d1b4cc867abb304ba7bcec92c041babd0cada579bc2f3817102213
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"87e9f698d7f7781bf9e3a3817a2c58a7"
age
636331
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dpv6bSPyoaS9lnlRgYNJQiGRvnPSuzjaYxeGV4Bq%2BsfF7X1xPhcs6fKUr6kc1lWqPyJl48esg19nsmhH3yvmWWO6vu%2FEvxbo5VSXDpgCG1bcRk8giK0M851w5%2F0bXesolmwlvTQG9DwfrBhjRflP"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c381a8abd389-FRA
access-control-allow-origin
*
server
cloudflare
3429-3c0af187798db6be.js
www.ired.team/_next/static/chunks/
19 KB
7 KB
Script
General
Full URL
https://www.ired.team/_next/static/chunks/3429-3c0af187798db6be.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
617917605dbe3ef7942ac669f8faec7f8ab5b98516764f3459c6e7bfbeeca448
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"89d202dd1fddec8271754175e5635298"
age
107477
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x2gef1wK6UXR6%2BlZRelpS9MDSNo1CLiyQoaksth4Y6CEjDQemJ3X1OryVN6Nq4MjXOX2kyd3Z%2BF0af4DY8DhRwADw7BUH%2FdCb1MraNEIriR5%2B6hoeNYlIeXX%2FNoKMT%2FsNk3aOO99jjq4pXDLfEQV"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c381a8afd389-FRA
access-control-allow-origin
*
server
cloudflare
layout-2cbcbf19ac433418.js
www.ired.team/_next/static/chunks/app/(site)/
193 B
697 B
Script
General
Full URL
https://www.ired.team/_next/static/chunks/app/(site)/layout-2cbcbf19ac433418.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5848ffc1ca50bdeba329536d6c929b5c11c8a2130a4fd22c571d0a2d465a540b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"93d5636230434967556c0c1985f43cbe"
age
636331
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ATp6oJ85HCPXUGnPwRylbWSzEfecNOOsdVCM1vhCwvY8GQ2dMq%2Fk%2Be1E4tIAg8PoO2HCR%2Bpl21sBnC9IQSvoS4887Vtg2HcLNhu0zYFR5hK9%2BfvO2WWW60%2BcIcVyeDVK%2F4VMGHwIgsN2pLlqz27o"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c381a8b1d389-FRA
access-control-allow-origin
*
server
cloudflare
error-d04861f2c147283a.js
www.ired.team/_next/static/chunks/app/(site)/
4 KB
2 KB
Script
General
Full URL
https://www.ired.team/_next/static/chunks/app/(site)/error-d04861f2c147283a.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67493534aac5a7953ef877505fad65c5a80b5185d65314368f2be13c7677cd68
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"90d89f79a8157a5fd14f89b655c0232c"
age
107477
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r0XAWM3FGYhpzz%2Fx5kQDxE%2BoSojqh9Du6bHqqib6R0pQi8Jkd1%2BulIB1plDbcFTZzPm8M9JhmKjBDcZpJ09uQK3c7TMVHPOFv2dDOneZA1hC43U2jQraUmkVhKAn4a6HAw7kArft0385kmdMIPWF"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c381a8b6d389-FRA
access-control-allow-origin
*
server
cloudflare
2151-1902a9c20373ca06.js
www.ired.team/_next/static/chunks/
403 KB
123 KB
Script
General
Full URL
https://www.ired.team/_next/static/chunks/2151-1902a9c20373ca06.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e084992a881d68ff490cb92d3291d4a6cd319ef1194cffa5dcce87a18bd64c8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"12266421cbd48a3db738782a6bd71267"
age
636289
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Aik79lyAP4t2VFXlP5vWp5HwSBAvaD28E%2FlxJ7YcHlek0KRzXtUkc9dlAgCV7JwuqDpzNsnq9ktrUdWtgkxCNvwf4l5Dv27%2FrCKFl2VR8KTavIIBxGcLwpvHn9YlOf6raHbAY%2FiAhF6qmQoK4Bn"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c381a8b7d389-FRA
access-control-allow-origin
*
server
cloudflare
1538-2ee9db36198b144f.js
www.ired.team/_next/static/chunks/
136 KB
46 KB
Script
General
Full URL
https://www.ired.team/_next/static/chunks/1538-2ee9db36198b144f.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1382ad2a83696ed8b4571912073120726308df379475265225fea956519fe09f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"19c0487f2a765af7207e4b7ec89cc575"
age
636330
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DtAG1xQ%2Fg7CjmCP%2FYmTPU0CF6dlj7WKJzT%2Fd1BHgN%2BB56SpP3Q3kIxeGtDVjzQxyqIJw3C%2F0rNOIeNboEtnIpXU5xjF0M1kj8z%2F08JEndb8xvf00F1nvKBwZ8HfumtmEEn0ywYczHvc8LNpGK5oO"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c381a8b8d389-FRA
access-control-allow-origin
*
server
cloudflare
133-5558736d7b7d0c82.js
www.ired.team/_next/static/chunks/
29 KB
11 KB
Script
General
Full URL
https://www.ired.team/_next/static/chunks/133-5558736d7b7d0c82.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10536066cbbf144cc74f80f1eaea9e981c51785c677d255508a76435511562bc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"7a26ef93621a4946207b20a03be6cb1c"
age
107477
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S8XVQjIfgiqwoWkyVK3%2B5KZqI7%2FWwFyi7bKamDS6XcCp4BpUVUShh7LjVgs%2B3faxuwz9XLsbo49lglM%2B75rqLzHs21YrZomfTeU9tXh%2FutW7r1i0Nwu2ogjVMuPHMLBCGhNvMqYq5OrcP6EmRdvJ"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c381a8bdd389-FRA
access-control-allow-origin
*
server
cloudflare
3902-19c217a299034164.js
www.ired.team/_next/static/chunks/
4 KB
2 KB
Script
General
Full URL
https://www.ired.team/_next/static/chunks/3902-19c217a299034164.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3f6b54c642d999cce1a7eec61cd152e354f992deefaa208a1d04a064c402456
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"86471c0b68f57dc3fc90348ec0822d49"
age
269260
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hYd4w7%2B5zAKnv90e%2FinumJq4CVVDAdzPwm8rpQaig64gjPeJ5qdP9hXsYBp%2F6FDV2r7lKOQGjk1b1C7GBaxSf6yjSacvadKPqbGxLyc5DDZC%2BfEvkL3jLukO5PE6a9D5l0pLNGbNRbL2SPHv%2FTDK"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c381a8c2d389-FRA
access-control-allow-origin
*
server
cloudflare
layout-0c13acf1c7d5dbfd.js
www.ired.team/_next/static/chunks/app/(site)/(content)/
30 KB
10 KB
Script
General
Full URL
https://www.ired.team/_next/static/chunks/app/(site)/(content)/layout-0c13acf1c7d5dbfd.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16f2e83d347d32f68b597f14b6d7ea2dba0a65ebca3297648164810138f9a40a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"924a0dfea84cb0444f07a4980d32c69f"
age
107477
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CZnZTWNf6SPq4H5vGE%2BLb70dI7DR3SuYIIkaiM13nEJp9t5tPaeHJHnP5bz8B2kpvGp6vQW9WnRj2hDwKLffk%2BDJm0fA00wGrX5u%2BgOLFvCjpJ4ikpOSZHwyaYjObEZ7Nk8l4vT9B0mcsgLDl%2B7h"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c381a8c5d389-FRA
access-control-allow-origin
*
server
cloudflare
script.js
integrations.gitbook.com/v1/integrations/googleanalytics/installations/91ab123619a8c25b8ddcb773e172ebd6fb8b9cbb4d90be791ae93d971c59503c/sites/site_gkbDu/
61 B
537 B
Script
General
Full URL
https://integrations.gitbook.com/v1/integrations/googleanalytics/installations/91ab123619a8c25b8ddcb773e172ebd6fb8b9cbb4d90be791ae93d971c59503c/sites/site_gkbDu/script.js?version=147.0
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2959 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d50b0fdc989d29de777f3f94793a3694dcfba5423c9bb029c43a026acc31df09

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"3d-/3dikLwvcEh+0S0j1xnWz1seJe4"
age
1829
alt-svc
h3=":443"; ma=86400
x-cache
HIT
x-release
gitbook-x-prod-10.9.913-2fe28fc9a3c0bb0c3e27d36c770d01ab8ed73e6e-11443877780
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cloud-trace-context
e341dbebf93a29f41849674d2c12ab7b
cache-control
public, max-age=604800
access-control-allow-credentials
true
x-magic-hash
05e6a4873618e9291c32af8746073080ea3162307adb010e24c218f958b78497
via
magic cache
cf-ray
8d62c381eead71d7-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
76
function-execution-id
x8n0hkv71z9a
server
cloudflare
7080-035f2ce5270162b0.js
www.ired.team/_next/static/chunks/
57 KB
20 KB
Script
General
Full URL
https://www.ired.team/_next/static/chunks/7080-035f2ce5270162b0.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df5f7159c3a08fba6f1cb252f1ceaa2ed97dea4465347d8a4c458ae63bffd00
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"90dd4163f6c0aa8f75f20c1e90dee53f"
age
636289
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nSplWuCcTUrP0FrOZ74SHAzMkOmUX2tX6dAq99NqK8GiJysdJSJwtOQTVCHgYKpWn7CtTchxOU9DhCItOHqDmaqQMCe4DtZ9jmoYtz%2FAyDuA6i21MCdxpHUd3CRXjmGmR3EbTdzlpfjf0pwy4zpS"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c381a8c8d389-FRA
access-control-allow-origin
*
server
cloudflare
4608-e4e9360961fcc01a.js
www.ired.team/_next/static/chunks/
12 KB
5 KB
Script
General
Full URL
https://www.ired.team/_next/static/chunks/4608-e4e9360961fcc01a.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b373fb885fac6f76375e7a1e8739d645d56c8666c6222f2bb2a58c7d0f95ac72
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"3956d8f4134b3d95bc8e5dc0bd2df999"
age
283737
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8GrjkHi3fuxhJB%2BNpXCLyV%2B3flSX7Z1gO3c%2BLZhwNgwH3WbbIh2hOq2ZdPv1R6mQhdBbWRzBsNstORsk5EVOiy5EJh%2BJWXID5hUS7HNgsR%2Fc4kG%2BK9NiJydJcdI3hCOzsASH3%2FIdfqBPO65rxsCZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c381a8cad389-FRA
access-control-allow-origin
*
server
cloudflare
3960-f796f42d57260cf2.js
www.ired.team/_next/static/chunks/
15 KB
6 KB
Script
General
Full URL
https://www.ired.team/_next/static/chunks/3960-f796f42d57260cf2.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3b6c8db7b1f55624c23b0e636b7aefc0a8c7ed2f462b484e533bc6b71d80007
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"d8976a85438f9ebc65fc87e59e3df42a"
age
633848
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZMeeoOqagP4r85YH2cr64FAYsCu2PyvPmphTvLZrR1A3NNEr4BDKVadDYgUJa6defffq%2F8Ex51ZyNmrcNi0uD5Qs6wijmk9wO3wSpAKGl1cDmH89jrQyLo9ubXouU1ZWRdYANFBHZ73z9GwKjpRL"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c381a8ccd389-FRA
access-control-allow-origin
*
server
cloudflare
page-310389d62963c7df.js
www.ired.team/_next/static/chunks/app/(site)/(content)/%5B%5B...pathname%5D%5D/
12 KB
4 KB
Script
General
Full URL
https://www.ired.team/_next/static/chunks/app/(site)/(content)/%5B%5B...pathname%5D%5D/page-310389d62963c7df.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43275982a6c939598943d469cb5da3daf342911f51ef4bc7c049bae6c3a18aef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"8ce1ddd0232131ae74955232aca5143b"
age
107477
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5KUQx8UxdYUO01PhmekP3OXB%2FyKTMXIElygF2g7lAGdehkvIWCGHOU1OqSivXE4tjVTO6wHw4yI4I2%2B8DutPXnoqOK%2FIFlc128ntKDKegx7A8n18WWzjrzWrZqK3RY7TgSsB4SKbaqOhKeKLldH4"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c381a8cfd389-FRA
access-control-allow-origin
*
server
cloudflare
embed.js
cdn.iframe.ly/
24 KB
8 KB
Script
General
Full URL
https://cdn.iframe.ly/embed.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:ea00:e:e47a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6e8b19acc79b2357936ef1381c0ea3d34a38c8b73d096da65272b8be1ed41043

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-amz-cf-id
S_D0Mn2h7hbwjB-HXXPpUZFcsNTyfyGBrvCj5eXF90s7Dv0n0txs2g==
cache-control
public, max-age=86400
content-encoding
br
etag
W/"656de555-6060"
age
47790
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 03:36:55 GMT
content-type
application/javascript
last-modified
Mon, 04 Dec 2023 14:42:29 GMT
server
nginx
x-amz-cf-pop
FRA56-P6
vary
Accept-Encoding
image
www.ired.team/~gitbook/
5 KB
6 KB
Image
General
Full URL
https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LFEMnER3fywgFHoroYn%252F-MOVVIkNJYxLhVM6ymrl%252F-MOXpYvCDgMM9lOs-_T1%252Fimage.png%3Falt%3Dmedia%26token%3D28b25f14-0233-4c90-a1a8-1194f2cb444e&width=768&dpr=1&quality=100&sign=9440e909&sv=1
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee4d76d7edc38bb0f142b742961ca028680a501c8cb8ef300253f3e15642695d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
cf-cache-status
HIT
etag
"cfdI4mZl8q7pLnLlb2A_XYfCv-K-ChRTP4It8jXA90DQ:11b868d3ea8761737308393ecc01f022"
age
204367
cf-bgj
imgq:0,h2pri
cf-resized
internal=ok/h q=0 n=97+107 c=0+0 v=2024.4.1 l=5471
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YCC5WEWKOruHP%2B7lsd9jfqdxg4r72ZkLZaPsimhlH0gS9dPz9TvjGh2NDVpt02SZhtGjnt3mq2rD5ml49%2F85p5YN9O8wVDIxO7JjkguZAQxcd6Vm2yvtT96gd6IrEjB7PSbAlSm9gNwDgdCl6uPL"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
warning
cf-images 299 "original is 151435B smaller"
x-matched-path
/~gitbook/image
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
image/png
last-modified
Fri, 11 Mar 2022 14:20:59 GMT
vary
Accept, Accept-Encoding
cf-placement
local-
priority
u=4;i=?0,cf-chb=(37;u=2;i=?0 264;u=5;i=?0)
strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d62c380fe8dd389-FRA
accept-ranges
bytes
content-length
5471
server
cloudflare
image
www.ired.team/~gitbook/
3 KB
4 KB
Image
General
Full URL
https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LFEMnER3fywgFHoroYn%252F-MOVVIkNJYxLhVM6ymrl%252F-MOXqBklIIe7S73PRkV5%252Fimage.png%3Falt%3Dmedia%26token%3D72544c54-80d4-4d5b-8a86-34fc3df3899b&width=768&dpr=1&quality=100&sign=74f6bc57&sv=1
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
290c5b489f2459717812a1e45453eff47c738f1306193f97a672bded71bb4ad5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
cf-cache-status
HIT
etag
"cfm6RdUZBe4UyS_O2rQjpNXXQEK-ChRTP4It8jXA90DQ:6e058788975047f801dc70f230cfc363"
age
204365
cf-bgj
imgq:0,h2pri
cf-resized
internal=ok/h q=0 n=50+212 c=0+212 v=2024.10.1 l=3143 f=false
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WaOXv7IUx0IeoKamRlbGpDBrTsGeUKV92DEurAd%2FstRsWwYZX21ozIANfdB06pel1VKAK3Bs2NM%2BusJfsed%2FaCQ1pwdxAQ1SOjdf%2BFBvEwv1yfRXQYyb1RRJA4TD8STlVIZnLTzxApS1zkZXa9aq"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
warning
cf-images 299 "original is 24599B smaller"
x-matched-path
/~gitbook/image
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
image/png
last-modified
Fri, 11 Mar 2022 14:18:32 GMT
vary
Accept, Accept-Encoding
cf-placement
local-
priority
u=4;i=?0,cf-chb=(45;u=5;i=?0)
strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d62c381a8d1d389-FRA
accept-ranges
bytes
content-length
3143
server
cloudflare
image
www.ired.team/~gitbook/
9 KB
10 KB
Image
General
Full URL
https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LFEMnER3fywgFHoroYn%252F-MOVVIkNJYxLhVM6ymrl%252F-MOY-SBC3WZsNpeDmar_%252Fimage.png%3Falt%3Dmedia%26token%3Dd758a9fb-5b36-45f4-9987-f55074616a36&width=768&dpr=1&quality=100&sign=480df8cf&sv=1
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c8f2379c954fe9ffdbb18cff45fe2a1ac18e30004aea640d16c91efda7d4427
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
cf-cache-status
HIT
etag
"cf7RQJyNvT66lFtGhpNy4yFB1lK-ChRTP4It8jXA90DQ:c264647a766a3e6487f8ae31006718ff"
age
204366
cf-bgj
imgq:0,h2pri
cf-resized
internal=ok/h q=0 n=50+135 c=0+0 v=2024.10.1 l=9608 f=false
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HcA6OdgFqJrrpf2%2BguJUPVYeo5XrdccQj8Wy5%2FdIIgiQGy%2BJwX8jGtlkkrHl1lg%2FNsBP45y08UlK3R9y%2BmT%2FROjGzZt7j9iQwDebAlGcY4Yg81zKtrcyxg2l2PXpzJgmGEvf7aIoWELANRSZ3uxm"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
warning
cf-images 299 "original is 97106B smaller"
x-matched-path
/~gitbook/image
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
image/png
last-modified
Fri, 11 Mar 2022 14:15:55 GMT
vary
Accept, Accept-Encoding
cf-placement
local-
priority
u=4;i=?0,cf-chb=(45;u=5;i=?0)
strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d62c381a8d4d389-FRA
accept-ranges
bytes
content-length
9608
server
cloudflare
image
www.ired.team/~gitbook/
2 KB
3 KB
Image
General
Full URL
https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LFEMnER3fywgFHoroYn%252F-MOVVIkNJYxLhVM6ymrl%252F-MOXpPEc0c5SRBbm3bMq%252Fimage.png%3Falt%3Dmedia%26token%3D66e6da37-afdb-459b-af20-b99e9823d7e1&width=768&dpr=1&quality=100&sign=7c6123d1&sv=1
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc2bb0bfa09acbedb169402291de67615d0fb74a85e10cb038d2e3c05a5a5955
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
cf-cache-status
HIT
etag
"cfFkMF29F-Kyxpl7aa7WjPWjJ9K-ChRTP4It8jXA90DQ:157235b80bf01e60d8773c2f9260b3a6"
age
204366
cf-bgj
imgq:0,h2pri
cf-resized
internal=ok/h q=0 n=55+452 c=0+0 v=2024.10.1 l=1806 f=false
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bXc5qEfGWSX2uCvIpW83nBmxeei%2BmYyeaUzYeZi9plvEPCD9K3q4cxvXTGDISUIVQdKQngvDw7Osiqj6GFhryL799dA6qYkpdgEHcPIzJKscu3o3jROgD5RycjkAa6nP2Gw9yrbRVhBkSNmDMhSi"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
warning
cf-images 299 "original is 66118B smaller"
x-matched-path
/~gitbook/image
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
image/png
last-modified
Fri, 11 Mar 2022 14:23:37 GMT
vary
Accept, Accept-Encoding
cf-placement
local-
priority
u=4;i=?0,cf-chb=(81;u=5;i=?0)
strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d62c381a8d6d389-FRA
accept-ranges
bytes
content-length
1806
server
cloudflare
image
www.ired.team/~gitbook/
8 KB
9 KB
Image
General
Full URL
https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LFEMnER3fywgFHoroYn%252F-MOY41nnsOSklf8CzCpb%252F-MOgazQOvSjBLSjdgamy%252Fimage.png%3Falt%3Dmedia%26token%3D73fad11c-f39d-4b62-ae4b-6dbde31cb190&width=768&dpr=1&quality=100&sign=e7443ab2&sv=1
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02f0eb183b7ab457214e41162aca24ed7c492e4c0e4c2ed9f33415ce31f00cbf
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
cf-cache-status
HIT
etag
"cfnKAFwYe_C-begPrX3rlWza31K-ChRTP4It8jXA90DQ:2d6b9476ad724c87e35bd93b5cd58403"
age
204366
cf-bgj
imgq:0,h2pri
cf-resized
internal=ok/h q=0 n=35+453 c=0+0 v=2024.10.1 l=8100 f=false
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eP2iKkP2ZomSRYza73g0BjPPPMT9gsXW%2BL4SaR%2Ba%2FZM0Ir14ocyZjh5mvQvKEzFqyBWzCtsASS4%2FQ07OctjYenUGV2zT70UaJQLUZDbydFB1qORC6XgjmUXapOidZTXDzWJbemIGPfR2lKG%2B2fA8"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
warning
cf-images 299 "original is 284985B smaller"
x-matched-path
/~gitbook/image
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
image/png
last-modified
Fri, 11 Mar 2022 14:08:08 GMT
vary
Accept, Accept-Encoding
cf-placement
local-
priority
u=4;i=?0,cf-chb=(45;u=5;i=?0)
strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d62c381a8d8d389-FRA
accept-ranges
bytes
content-length
8100
server
cloudflare
image
www.ired.team/~gitbook/
29 KB
29 KB
Image
General
Full URL
https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LFEMnER3fywgFHoroYn%252F-MOpWAgSwxkMkJtHWOjq%252F-MOq-ESRr6BsAmphfUPg%252Fimage.png%3Falt%3Dmedia%26token%3D11a6eb56-3214-4372-aed8-1b8cca90ddf2&width=768&dpr=1&quality=100&sign=a57795e0&sv=1
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c33391beb791938966cf84def3000885abb64f79a3e627cc7869bd22647436cc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
cf-cache-status
HIT
etag
"cfCfivl1ZvEUXRDBG4_9AOMiMQK-ChRTP4It8jXA90DQ:66e420c799b932dc9176bc8bd3414d9c"
age
204366
cf-bgj
imgq:0,h2pri
cf-resized
internal=ok/h q=0 n=18+238 c=0+0 v=2024.10.1 l=29204 f=false
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=61u3gHQvmmKSY0r5jjLgZV1SUwekPX7O0H0CqAaMRRiJ4xHGFhFbwK%2BXSZtG3lb5vlFv5mK1g2FKOtb%2BUdCUVYU7ZtyXRu2Dx6Ks83CfYFLPD7Q4%2B8YGLQG2Im%2FX7q8BmfcH5KkSUDWNB2tLbTW6"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
warning
cf-images 299 "original is 224713B smaller"
x-matched-path
/~gitbook/image
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
image/png
last-modified
Fri, 11 Mar 2022 14:20:39 GMT
vary
Accept, Accept-Encoding
cf-placement
local-
priority
u=4;i=?0,cf-chb=(45;u=5;i=?0)
strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d62c381a8dad389-FRA
accept-ranges
bytes
content-length
29204
server
cloudflare
6ebb97b5c9fa4e03-s.woff2
www.ired.team/_next/static/media/
13 KB
14 KB
Font
General
Full URL
https://www.ired.team/_next/static/media/6ebb97b5c9fa4e03-s.woff2
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/css/1be06719d4376690.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a7fc3de6341e5ab2853f213dbf792903cd35039daa9530a649a20a877ccac8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.ired.team
Referer
https://www.ired.team/_next/static/css/1be06719d4376690.css

Response headers

x-gitbook-cache
hit
cf-cache-status
HIT
etag
"ee7b9b9c47166e05c79c8cbafadecf85"
age
1756970
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uXfX5oV41TSoYOBIFLEuKhSY8RzQMAUxoXaU9iOMFXU4tLQCz9F5ITSUIWA2FXruTg3rnoXORDzACvGWtCR3cL0oIp%2FGe0dWYDjNKPxjbhYGedY32nNU7MWKHtjjH6rAMzjrOmN%2B%2F8W8Sd%2BMfzfN"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
font/woff2
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c3823a65d389-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
13408
server
cloudflare
magnifying-glass.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/
483 B
414 B
Image
General
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/magnifying-glass.svg?v=2&token=a463935e93
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf2a6a5f8c28ed6ebddf6fa704ad4f21d95c55a140c124b94dd4bf28b736a654

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.ired.team
Referer
https://www.ired.team/

Response headers

cache-control
max-age=31556926
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6695a1f6-1e3"
age
2334740
cf-ray
8d62c38229719744-FRA
access-control-allow-origin
*
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
image/svg+xml
last-modified
Mon, 15 Jul 2024 22:25:58 GMT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server
cloudflare
chevron-right.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/
394 B
508 B
Image
General
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/chevron-right.svg?v=2&token=a463935e93
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e745a051fade69ed0d6a92fe8f0437d646bafe59a91f3c6654b0c4295c1ed91f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.ired.team
Referer
https://www.ired.team/

Response headers

cache-control
max-age=31556926
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6695a1e1-18a"
age
2334741
cf-ray
8d62c38229749744-FRA
access-control-allow-origin
*
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
image/svg+xml
last-modified
Mon, 15 Jul 2024 22:25:37 GMT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server
cloudflare
gitbook.svg
www.ired.team/~gitbook/static/icons/svgs/custom-icons/
1 KB
1 KB
Image
General
Full URL
https://www.ired.team/~gitbook/static/icons/svgs/custom-icons/gitbook.svg?v=2
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b5edbdd84e821da7830e59580a2581cfd2e2bfb01a197c3e9f919b7859fc0a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.ired.team
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6a0e8c1b87703edb50c128db3b80b0c7"
age
2333774
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iZrTBWD5OdLOjZGc9T2guZQIc04H42iBg2vDv9M%2F2LRgPl%2BcUJIVGCgwxI6O1rBtS8Sx%2BvovMfUUrPdyfIw9o9jMkG1P%2FadCXZ8xiizWUQkCFmg5gc85Nkk8sgkQbWVxyPybmKrMXHMEittZJZQp"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c38209f1d389-FRA
access-control-allow-origin
*
server
cloudflare
chevron-left.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/
393 B
340 B
Image
General
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/chevron-left.svg?v=2&token=a463935e93
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ab2a0562e22f0c92b3178ff3d9ca99c14646df6947a180f3e655305c7249f2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.ired.team
Referer
https://www.ired.team/

Response headers

cache-control
max-age=31556926
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6695a1e1-189"
age
2333728
cf-ray
8d62c38229779744-FRA
access-control-allow-origin
*
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
image/svg+xml
last-modified
Mon, 15 Jul 2024 22:25:37 GMT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server
cloudflare
120a5a1920781bd0-s.woff2
www.ired.team/_next/static/media/
13 KB
14 KB
Font
General
Full URL
https://www.ired.team/_next/static/media/120a5a1920781bd0-s.woff2
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/css/1be06719d4376690.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf9cfe01317e3758dd38982921dc1f26cc7243237d02e7ed90d3830b6f4e8ed0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.ired.team
Referer
https://www.ired.team/_next/static/css/1be06719d4376690.css

Response headers

x-gitbook-cache
hit
cf-cache-status
HIT
etag
"afa13337fcac5295198bac158ca5d0bc"
age
1766910
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1O%2Fvj6iImn26hAPKcn8V%2FzV6Mt52f0CUUIROm%2FpnFvv%2BUv7QjPzHILPSKXM1L%2B9h8bIF%2F4r%2FMszuW7MZ3yj%2FV%2Fp7t9cZA%2BbzaTxpA8VLP1ZmkZyKZoKtV%2Fl7ez%2BARQJ7gl4MHKJvqLjmaUlbeLJ%2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
font/woff2
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c3823a67d389-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
13388
server
cloudflare
hashtag.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/
814 B
500 B
Image
General
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/hashtag.svg?v=2&token=a463935e93
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b053c1a8d1743d15e13597718631b7f7d8eb96c7d283d071fbdb8b37e5e05fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.ired.team
Referer
https://www.ired.team/

Response headers

cache-control
max-age=31556926
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6695a1f1-32e"
age
932731
cf-ray
8d62c3847cc69744-FRA
access-control-allow-origin
*
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
image/svg+xml
last-modified
Mon, 15 Jul 2024 22:25:53 GMT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server
cloudflare
circle-info.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/
559 B
412 B
Image
General
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/circle-info.svg?v=2&token=a463935e93
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e69b9bc3fe6c8f32aa595be25c5bbcd9b477f93031111faf20f97363cb13116

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.ired.team
Referer
https://www.ired.team/

Response headers

cache-control
max-age=31556926
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6695a1e2-22f"
age
2334740
cf-ray
8d62c3847cc89744-FRA
access-control-allow-origin
*
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
image/svg+xml
last-modified
Mon, 15 Jul 2024 22:25:38 GMT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server
cloudflare
circle-exclamation.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/
483 B
378 B
Image
General
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/circle-exclamation.svg?v=2&token=a463935e93
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cb3136e7e7818bd107dfaf599405190cd1fa965d07fabc7e34d8d0fc85a5050

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.ired.team
Referer
https://www.ired.team/

Response headers

cache-control
max-age=31556926
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6695a1e2-1e3"
age
2333774
cf-ray
8d62c3847ccb9744-FRA
access-control-allow-origin
*
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
image/svg+xml
last-modified
Mon, 15 Jul 2024 22:25:38 GMT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server
cloudflare
3478b6abef19b3b3-s.woff2
www.ired.team/_next/static/media/
10 KB
10 KB
Font
General
Full URL
https://www.ired.team/_next/static/media/3478b6abef19b3b3-s.woff2
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/css/1be06719d4376690.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64bc2a00d28ef824b977ed1c523138d821eaa4576447153e02de70aacb071147
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.ired.team
Referer
https://www.ired.team/_next/static/css/1be06719d4376690.css

Response headers

x-gitbook-cache
hit
cf-cache-status
HIT
etag
"4f52c61f8f0cad0e31eb3b44c3bf3d4e"
age
4785400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V9wZavo5J5VLdzoabw4g45xKER2Pgm1MyMYeBGBl3lKIcsuF%2BBUTsWL7ieGxPldDMcxdrwGVJDNSLLeLEZmwDehFQ25Qv%2BAfSY%2FRuVV8t7g1RI%2Bcd70UbiETKHekt7SHXaHeDjikANr3G61cBWF2"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
font/woff2
vary
Accept-Encoding
cache-control
public,max-age=31536000,immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d62c384ebe3d389-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
10088
server
cloudflare
image
www.ired.team/~gitbook/
5 KB
0
Image
General
Full URL
https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LFEMnER3fywgFHoroYn%252F-MOVVIkNJYxLhVM6ymrl%252F-MOXpYvCDgMM9lOs-_T1%252Fimage.png%3Falt%3Dmedia%26token%3D28b25f14-0233-4c90-a1a8-1194f2cb444e&width=768&dpr=1&quality=100&sign=9440e909&sv=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee4d76d7edc38bb0f142b742961ca028680a501c8cb8ef300253f3e15642695d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
cf-cache-status
HIT
etag
"cfdI4mZl8q7pLnLlb2A_XYfCv-K-ChRTP4It8jXA90DQ:11b868d3ea8761737308393ecc01f022"
age
204367
cf-bgj
imgq:0,h2pri
cf-resized
internal=ok/h q=0 n=97+107 c=0+0 v=2024.4.1 l=5471
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YCC5WEWKOruHP%2B7lsd9jfqdxg4r72ZkLZaPsimhlH0gS9dPz9TvjGh2NDVpt02SZhtGjnt3mq2rD5ml49%2F85p5YN9O8wVDIxO7JjkguZAQxcd6Vm2yvtT96gd6IrEjB7PSbAlSm9gNwDgdCl6uPL"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
warning
cf-images 299 "original is 151435B smaller"
x-matched-path
/~gitbook/image
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
image/png
last-modified
Fri, 11 Mar 2022 14:20:59 GMT
vary
Accept, Accept-Encoding
cf-placement
local-
priority
u=4;i=?0,cf-chb=(37;u=2;i=?0 264;u=5;i=?0)
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d62c380fe8dd389-FRA
accept-ranges
bytes
content-length
5471
server
cloudflare
1*sHhtYhaCe2Uc3IU0IgKwIQ.png
miro.medium.com/v2/resize:fill:152:152/
Redirect Chain
  • https://miro.medium.com/fit/c/152/152/1*sHhtYhaCe2Uc3IU0IgKwIQ.png
  • https://miro.medium.com/v2/resize:fill:152:152/1*sHhtYhaCe2Uc3IU0IgKwIQ.png
3 KB
0
Image
General
Full URL
https://miro.medium.com/v2/resize:fill:152:152/1*sHhtYhaCe2Uc3IU0IgKwIQ.png
Protocol
H2
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed9f0a65ac54e9a7eef4d939591879eb7d1ad35c2f2e144dee089aa5c14032b4
Security Headers
Name Value
Content-Security-Policy script-src 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-request-id
1044461c-f034-4610-80e2-a34222c4c19d
cf-cache-status
HIT
etag
"p1beuTybJAT4iEnDIs2YasjPcpbofVcNkhY7q4ewiYk/RImIwNzg2ZDYyMTY4MjdiNjUxY2RjODUzNDIyMDJiMDIxIg"
age
427549
x-content-type-options
nosniff
expires
Tue, 21 Oct 2025 16:53:25 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
image/png
content-disposition
inline; filename="1*sHhtYhaCe2Uc3IU0IgKwIQ.png"
medium-fulfilled-by
miro-v2/main-20240226-230532-797fb80223
vary
Accept-Encoding
sepia-upstream
medium
content-security-policy
script-src 'none'
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
82
cf-ray
8d62c381b90a2beb-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3489
server
cloudflare

Redirect headers

cache-control
public, max-age=7200
location
/v2/resize:fill:152:152/1*sHhtYhaCe2Uc3IU0IgKwIQ.png
cf-cache-status
HIT
x-envoy-upstream-service-time
0
age
5559
x-envoy-decorator-operation
miro.miro-production.svc.cluster.local:80/*
x-content-type-options
nosniff
cf-ray
8d62c38178cd2beb-FRA
expires
Mon, 21 Oct 2024 18:53:25 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 21 Oct 2024 16:53:25 GMT
vary
Accept-Encoding
server
cloudflare
rayanfam.png
rayanfam.com/wp-content/uploads/sites/2/2018/04/
0
0

spaces%2F-LFEMnER3fywgFHoroYn%2Favatar.png
386337598-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/
12 KB
13 KB
Other
General
Full URL
https://386337598-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/spaces%2F-LFEMnER3fywgFHoroYn%2Favatar.png?generation=1536436814766237&alt=media
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:93d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
7834e63bad0b16e07695f5ad93d8484722989a1a8ea94c9ba91c4be105ca0a44
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.913;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=ALxBKw==, md5=KWXF+Xh1WALevAKRxVdIUw==
cf-cache-status
HIT
etag
"2965c5f978755802debc0291c5574853"
age
944064
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
x-goog-stored-content-encoding
identity
expires
Fri, 10 Oct 2025 18:39:02 GMT
alt-svc
h3=":443"; ma=86400
cf-polished
origFmt=png, origSize=29066
x-goog-stored-content-length
29066
date
Mon, 21 Oct 2024 16:53:26 GMT
content-type
image/webp
content-disposition
inline; filename="spaces%2F-LFEMnER3fywgFHoroYn%2Favatar.webp"
vary
Accept, Accept-Encoding
last-modified
Fri, 11 Mar 2022 05:32:10 GMT
x-guploader-uploadid
AHmUCY0NgM2L5ntbkzr4E5cyLL-Wq3ZQLDsbzIyUYR6NF2e11CyDr9Kesfn95L0q5jewCq24Kg
strict-transport-security
max-age=31536000
content-security-policy
script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.913;
cache-control
public, max-age=31536000
x-goog-storage-class
STANDARD
x-goog-meta-firebasestoragedownloadtokens
1910800b-eed5-42ea-b282-39d0660128fe
x-goog-meta-x-goog-reserved-source-generation
1536436814766237
referrer-policy
no-referrer-when-downgrade
cf-ray
8d62c38a2e5f8ebe-FRA
accept-ranges
bytes
x-goog-generation
1646976730059392
content-length
12796
x-powered-by
GitBook
server
cloudflare
image
www.ired.team/~gitbook/
5 KB
0
Image
General
Full URL
https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LFEMnER3fywgFHoroYn%252F-MOVVIkNJYxLhVM6ymrl%252F-MOXpYvCDgMM9lOs-_T1%252Fimage.png%3Falt%3Dmedia%26token%3D28b25f14-0233-4c90-a1a8-1194f2cb444e&width=768&dpr=1&quality=100&sign=9440e909&sv=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee4d76d7edc38bb0f142b742961ca028680a501c8cb8ef300253f3e15642695d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
cf-cache-status
HIT
etag
"cfdI4mZl8q7pLnLlb2A_XYfCv-K-ChRTP4It8jXA90DQ:11b868d3ea8761737308393ecc01f022"
age
204367
cf-bgj
imgq:0,h2pri
cf-resized
internal=ok/h q=0 n=97+107 c=0+0 v=2024.4.1 l=5471
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YCC5WEWKOruHP%2B7lsd9jfqdxg4r72ZkLZaPsimhlH0gS9dPz9TvjGh2NDVpt02SZhtGjnt3mq2rD5ml49%2F85p5YN9O8wVDIxO7JjkguZAQxcd6Vm2yvtT96gd6IrEjB7PSbAlSm9gNwDgdCl6uPL"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
warning
cf-images 299 "original is 151435B smaller"
x-matched-path
/~gitbook/image
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
image/png
last-modified
Fri, 11 Mar 2022 14:20:59 GMT
vary
Accept, Accept-Encoding
cf-placement
local-
priority
u=4;i=?0,cf-chb=(37;u=2;i=?0 264;u=5;i=?0)
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d62c380fe8dd389-FRA
accept-ranges
bytes
content-length
5471
server
cloudflare

xmark.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/
485 B
406 B
Image
General
Full URL
https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/xmark.svg?v=2&token=a463935e93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25f4b78072b864e10fa420f11ec65288ac46fd785f638fb65a71c3ee16451fa9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.ired.team
Referer
https://www.ired.team/

Response headers

cache-control
max-age=31556926
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6695a25f-1e5"
age
2334740
cf-ray
8d62c3893ac89744-FRA
access-control-allow-origin
*
date
Mon, 21 Oct 2024 16:53:26 GMT
content-type
image/svg+xml
last-modified
Mon, 15 Jul 2024 22:27:43 GMT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server
cloudflare
image
www.ired.team/~gitbook/
3 KB
0
Image
General
Full URL
https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LFEMnER3fywgFHoroYn%252F-MOVVIkNJYxLhVM6ymrl%252F-MOXqBklIIe7S73PRkV5%252Fimage.png%3Falt%3Dmedia%26token%3D72544c54-80d4-4d5b-8a86-34fc3df3899b&width=768&dpr=1&quality=100&sign=74f6bc57&sv=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
290c5b489f2459717812a1e45453eff47c738f1306193f97a672bded71bb4ad5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
cf-cache-status
HIT
etag
"cfm6RdUZBe4UyS_O2rQjpNXXQEK-ChRTP4It8jXA90DQ:6e058788975047f801dc70f230cfc363"
age
204365
cf-bgj
imgq:0,h2pri
cf-resized
internal=ok/h q=0 n=50+212 c=0+212 v=2024.10.1 l=3143 f=false
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WaOXv7IUx0IeoKamRlbGpDBrTsGeUKV92DEurAd%2FstRsWwYZX21ozIANfdB06pel1VKAK3Bs2NM%2BusJfsed%2FaCQ1pwdxAQ1SOjdf%2BFBvEwv1yfRXQYyb1RRJA4TD8STlVIZnLTzxApS1zkZXa9aq"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
warning
cf-images 299 "original is 24599B smaller"
x-matched-path
/~gitbook/image
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
image/png
last-modified
Fri, 11 Mar 2022 14:18:32 GMT
vary
Accept, Accept-Encoding
cf-placement
local-
priority
u=4;i=?0,cf-chb=(45;u=5;i=?0)
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d62c381a8d1d389-FRA
accept-ranges
bytes
content-length
3143
server
cloudflare
image
www.ired.team/~gitbook/
2 KB
0
Image
General
Full URL
https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LFEMnER3fywgFHoroYn%252F-MOVVIkNJYxLhVM6ymrl%252F-MOXpPEc0c5SRBbm3bMq%252Fimage.png%3Falt%3Dmedia%26token%3D66e6da37-afdb-459b-af20-b99e9823d7e1&width=768&dpr=1&quality=100&sign=7c6123d1&sv=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc2bb0bfa09acbedb169402291de67615d0fb74a85e10cb038d2e3c05a5a5955
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
cf-cache-status
HIT
etag
"cfFkMF29F-Kyxpl7aa7WjPWjJ9K-ChRTP4It8jXA90DQ:157235b80bf01e60d8773c2f9260b3a6"
age
204366
cf-bgj
imgq:0,h2pri
cf-resized
internal=ok/h q=0 n=55+452 c=0+0 v=2024.10.1 l=1806 f=false
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bXc5qEfGWSX2uCvIpW83nBmxeei%2BmYyeaUzYeZi9plvEPCD9K3q4cxvXTGDISUIVQdKQngvDw7Osiqj6GFhryL799dA6qYkpdgEHcPIzJKscu3o3jROgD5RycjkAa6nP2Gw9yrbRVhBkSNmDMhSi"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
warning
cf-images 299 "original is 66118B smaller"
x-matched-path
/~gitbook/image
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
image/png
last-modified
Fri, 11 Mar 2022 14:23:37 GMT
vary
Accept, Accept-Encoding
cf-placement
local-
priority
u=4;i=?0,cf-chb=(81;u=5;i=?0)
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d62c381a8d6d389-FRA
accept-ranges
bytes
content-length
1806
server
cloudflare
image
www.ired.team/~gitbook/
9 KB
0
Image
General
Full URL
https://www.ired.team/~gitbook/image?url=https%3A%2F%2F386337598-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LFEMnER3fywgFHoroYn%252F-MOVVIkNJYxLhVM6ymrl%252F-MOY-SBC3WZsNpeDmar_%252Fimage.png%3Falt%3Dmedia%26token%3Dd758a9fb-5b36-45f4-9987-f55074616a36&width=768&dpr=1&quality=100&sign=480df8cf&sv=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c8f2379c954fe9ffdbb18cff45fe2a1ac18e30004aea640d16c91efda7d4427
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

x-gitbook-cache
hit
cf-cache-status
HIT
etag
"cf7RQJyNvT66lFtGhpNy4yFB1lK-ChRTP4It8jXA90DQ:c264647a766a3e6487f8ae31006718ff"
age
204366
cf-bgj
imgq:0,h2pri
cf-resized
internal=ok/h q=0 n=50+135 c=0+0 v=2024.10.1 l=9608 f=false
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HcA6OdgFqJrrpf2%2BguJUPVYeo5XrdccQj8Wy5%2FdIIgiQGy%2BJwX8jGtlkkrHl1lg%2FNsBP45y08UlK3R9y%2BmT%2FROjGzZt7j9iQwDebAlGcY4Yg81zKtrcyxg2l2PXpzJgmGEvf7aIoWELANRSZ3uxm"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
warning
cf-images 299 "original is 97106B smaller"
x-matched-path
/~gitbook/image
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:25 GMT
content-type
image/png
last-modified
Fri, 11 Mar 2022 14:15:55 GMT
vary
Accept, Accept-Encoding
cf-placement
local-
priority
u=4;i=?0,cf-chb=(45;u=5;i=?0)
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d62c381a8d4d389-FRA
accept-ranges
bytes
content-length
9608
server
cloudflare
/
www.ired.team/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbdb30e027a80e1be2781eec4497fe613716af097f3dbd7a48542a18b0a6e5ac

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g228vqrpcomp9iBvmTL1JN1XwbvcnpG9xvnywHthQFQ%2Bl3HxPLZCGq5nPjZDn4Vu8EFs61cS0SdjGYSfsyfxun5YMBb%2BrXRqaYnMInTLzpWfD%2FZdSrLYSwmQ1PngUiw0gTdJMEfYNORQGL3shuyh"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c3896a75d389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
__session
app.gitbook.com/
52 B
6 KB
Fetch
General
Full URL
https://app.gitbook.com/__session?proposed=6d93b3c1-0d43-40a5-823b-24ac079eb0d6R
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/app/(site)/(content)/%5B%5B...pathname%5D%5D/page-310389d62963c7df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2959 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
907156d136c9dc351d3e3ef0829222cfb8fa6b1274adb5246eea7bde0a204b0f
Security Headers
Name Value
Content-Security-Policy default-src 'self' app.gitbook.com api.gitbook.com integrations.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com track-eu.customer.io track.customer.io customerioforms.com eu.customerioforms.com *.api.gist.build *.cloud.gist.build api.getripe.com us.api.getripe.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' integrations.gitbook.com app.gitbook.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://*.algolia.net https://*.algolianet.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.amplitude.com https://static.cloudflareinsights.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com 
https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://assets.customer.io https://code.gist.build https://customerioforms.com https://eu.customerioforms.com https://*.adroll.com http://*.adroll.com https://us-u.openx.net http://us-u.openx.net https://idsync.rlcdn.com http://idsync.rlcdn.com https://ib.adnxs.com http://ib.adnxs.com https://x.bidswitch.net http://x.bidswitch.net https://ads.yahoo.com http://ads.yahoo.com https://eb2.3lift.com http://eb2.3lift.com https://trc.taboola.com http://trc.taboola.com https://simage2.pubmatic.com http://simage2.pubmatic.com https://sync.outbrain.com http://sync.outbrain.com https://pixel.rubiconproject.com http://pixel.rubiconproject.com https://dsum-sec.casalemedia.com http://dsum-sec.casalemedia.com https://pixel.advertising.com http://pixel.advertising.com d.adroll.com s.adroll.com d.adroll.mgr.consensu.org dsum-sec.casalemedia.com eb2.3lift.com googleads.g.doubleclick.net p.adsymptotic.com px.ads.linkedin.com px4.ads.linkedin.com pixel.advertising.com pixel.rubiconproject.com image2.pubmatic.com simage2.pubmatic.com snap.licdn.com sync.outbrain.com sync.taboola.com trc.taboola.com ads.yahoo.com ups.analytics.yahoo.com www.facebook.com connect.facebook.net idsync.rlcdn.com ib.adnxs.com x.bidswitch.net storage.getripe.com us.storage.getripe.com *.opentok.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net code.gist.build; img-src data: * blob: 
static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/ track-eu.customer.io track.customer.io https://*.adroll.com http://*.adroll.com https://us-u.openx.net http://us-u.openx.net https://idsync.rlcdn.com http://idsync.rlcdn.com https://ib.adnxs.com http://ib.adnxs.com https://x.bidswitch.net http://x.bidswitch.net https://ads.yahoo.com http://ads.yahoo.com https://eb2.3lift.com http://eb2.3lift.com https://trc.taboola.com http://trc.taboola.com https://simage2.pubmatic.com http://simage2.pubmatic.com https://sync.outbrain.com http://sync.outbrain.com https://pixel.rubiconproject.com http://pixel.rubiconproject.com https://dsum-sec.casalemedia.com http://dsum-sec.casalemedia.com https://pixel.advertising.com http://pixel.advertising.com d.adroll.com s.adroll.com d.adroll.mgr.consensu.org dsum-sec.casalemedia.com eb2.3lift.com googleads.g.doubleclick.net p.adsymptotic.com px.ads.linkedin.com px4.ads.linkedin.com pixel.advertising.com pixel.rubiconproject.com image2.pubmatic.com simage2.pubmatic.com snap.licdn.com sync.outbrain.com sync.taboola.com trc.taboola.com ads.yahoo.com ups.analytics.yahoo.com www.facebook.com connect.facebook.net idsync.rlcdn.com ib.adnxs.com x.bidswitch.net images.getripe.com storage.googleapis.com us.images.getripe.com us.storage.googleapis.com; font-src app.gitbook.com * 
js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net assets.getripe.com; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob:; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network https://beacon-v2.helpscout.net renderer.gist.build code.gist.build; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net *.mux.com blob:; frame-ancestors app.gitbook.com; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.913;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"34-Y1OfA/+T5eYW7HL3ngI3xf4mIDE"
x-content-type-options
nosniff
expires
Mon, 21 Oct 2024 16:53:26 GMT
alt-svc
h3=":443"; ma=86400
x-cache
MISS
x-release
gitbook-x-prod-10.9.913-2fe28fc9a3c0bb0c3e27d36c770d01ab8ed73e6e-11443877780
date
Mon, 21 Oct 2024 16:53:26 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
x-cloud-trace-context
b8b231cd25a3dba2d2cf2895a6f80e52
strict-transport-security
max-age=31536000
cache-control
private
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
via
no cache
cf-ray
8d62c3899f4f71d7-FRA
x-magic-hash
05e6a4873618e9291c32af8746073080ea3162307adb010e24c218f958b78497
access-control-allow-origin
https://www.ired.team
content-length
72
function-execution-id
8qszb8nuv11r
x-powered-by
GitBook
server
cloudflare
offensive-security-cheetsheets
www.ired.team/offensive-security-experiments/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security-experiments/offensive-security-cheetsheets?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
807d173b53d7fa91ee2caafae779513e247005d453fccae8a6962675808a0650

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h5DGv3K5ERyRT8wsOEKynO2OR0ch3iefSJ2k0zv34u6mZ8%2BIqXXl5wgbzDIVBTFjXOz7%2BodM2Wd5SUjampWKBV1TluN4VsZAizEyVRPXN26lf4k%2BEBn7XBuRZrj1cqnkFvUpqqTwxLPiZxqJtLvV"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c3898ad8d389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:26 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
active-directory-kerberos-abuse
www.ired.team/offensive-security-experiments/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security-experiments/active-directory-kerberos-abuse?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c07e6c566d6466ea4623c9364527f3f1748498a0dd44f79bc4de91011c3d006

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OIqZ66SlHBDByMO6wdPFVOY7%2FK4wD1dMN%2FtrF7a%2FWHflMnjRCd1B%2Fa9P3nDRiQtXnziw512%2BuU1ntt5StNko9ankxG0mvfFTyTp24YFCoSZHVus43a30ACTPXdcHjkjjZbAhe6dRCfCrZw7k4TVF"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c3898aded389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
red-team-infrastructure
www.ired.team/offensive-security/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security/red-team-infrastructure?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9cba67e5901558f7a49468ca056f951b2fc6e0f9834ec2e75b39c99ed650520

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=anGHGHOLxB1uHnFVpv%2FyGj4yuEgMg%2BLWr%2Bl8Z55ZqgaEDRDXiuXFC1IoCwAgj2%2BmPfJzT%2FF6rPHp0hqlHsKXu7YB1z36J2nHkkbqVjXKOpGCfE8PWW5klhBN8MQQPbcMTOkxcXbdD13otHQKzS8A"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c3898ae0d389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
initial-access
www.ired.team/offensive-security/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security/initial-access?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11eec83dd2227dfedcffd30b325c46209e4ae8264a642c49f93f81787a6369e0

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LqjMPLCmOhQHXUno%2FKjuXTg9efwx%2FbPWdAmAbk4kZZIu6Oy1ZNN75Z3Ij0LNsvPmINLb%2BO0tadrpQ2IfvLabrH7mys%2Btsiod%2FebxwvC5kQL2cAorgv3Npl4E5hjAuTKz5mDyJqvGcf0N8c00DzZy"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c3898ae2d389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
track_view
api.gitbook.com/v1/orgs/-LFEMnEQwqZOY6DtfrzY/sites/site_gkbDu/insights/
0
0
Fetch
General
Full URL
https://api.gitbook.com/v1/orgs/-LFEMnEQwqZOY6DtfrzY/sites/site_gkbDu/insights/track_view
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/app/(site)/(content)/%5B%5B...pathname%5D%5D/page-310389d62963c7df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:92a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions

Response headers

access-control-expose-headers
location,x-gitbook-execution-id,x-gitbook-mutations,x-gitbook-subscription-channels,x-gitbook-subscription-urls
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
content-type
text/html
vary
Accept-Encoding
x-cloud-trace-context
991e7d2537551abb063771ad72a0c19c
x-frame-options
DENY
strict-transport-security
max-age=3600
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
cf-ray
8d62c38b7b779070-FRA
access-control-allow-origin
*
x-gitbook-execution-id
bde3a8c69162490c
x-powered-by
GitBook
server
cloudflare
track_view
api.gitbook.com/v1/orgs/-LFEMnEQwqZOY6DtfrzY/sites/site_gkbDu/insights/
0
0
Preflight
General
Full URL
https://api.gitbook.com/v1/orgs/-LFEMnEQwqZOY6DtfrzY/sites/site_gkbDu/insights/track_view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:92a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ired.team
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-castle-request-token,if-unmodified-since,x-gitbook-trace-id,x-gitbook-span-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-expose-headers
location,x-gitbook-execution-id,x-gitbook-mutations,x-gitbook-subscription-channels,x-gitbook-subscription-urls
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
8d62c38b5b4a9070-FRA
date
Mon, 21 Oct 2024 16:53:26 GMT
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=3600
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
GitBook
code-execution
www.ired.team/offensive-security/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security/code-execution?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44334609ca08c0cf72107eb7b55d0403085d5ca1e8e58982a65e1a68b0cb6545

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sc14oR4XfY8wqnq3QUHLKmmqhyNi%2Bt9PIH0BVGbOJsFvn%2FwHYGtk6AL3LyhOLVXK%2F0BU10JhHSfapjUiBf%2Bg6Ia7qBwuhCn%2BKFaP16BF2dtS0LJW%2Fu30mW6YLmYKOLQcfiunYi39Lp%2FcNK7MAOJj"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c38bdb0fd389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
code-injection-process-injection
www.ired.team/offensive-security/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security/code-injection-process-injection?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6493f44f657b140fab78d1ba50cac55246e6720101062d3401ace341ea001a6d

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X486rDmOy5L8QT10UT%2FgFxKsMce1tmoaceuUhvhadro9H31kj0JCcChDhhajK%2B6diq6rDRRbwwiqkARI4bv3qmXb5b6JAUox2qmh75o%2F31Vb5w3l%2BYLQjkoDNQ5%2FNrpFPrV3Iu9Qu%2FPbXkbOao8R"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c38c1bc1d389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
defense-evasion
www.ired.team/offensive-security/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security/defense-evasion?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a39e1e5ab38a03196ea6d23b6e8ff6ab426847c7f984af4bf2d0ef0e37d7a898

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uyXGFEFmzuciZrjs0GykVO4F5ZIvSfRxs%2BGOLL2j1AU9s9pF9hdN3tTjdDQ7VlmVlz9u7vVk2Yvjh0eRDwZAnWJ9xJyBBaE9p8CTZWw%2FRq32y629XcHv6GoCT%2F9WiFPFpL8ZsdthJj1DN01EuatL"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c38c3c35d389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
av-bypass-with-metasploit-templates
www.ired.team/offensive-security/defense-evasion/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security/defense-evasion/av-bypass-with-metasploit-templates?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9168859799479e88066708ce833306f2319e4e31dfc13c194b20e44bda1c0e3d

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=78RwnySiWgiSw94GUCfwikVwvqo6kjOOcCKDXR2yxnSPoGSl5%2FXx9fpWBUBpEMNHV3v2D3uxudG3YwJhAsQIiTSMNShSopLtkDxu5CuNBwQrOppRCjGo0obp5G6yeTjq57SvVpBf%2FpWxKPXTvAnf"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c38c3c39d389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
evading-windows-defender-using-classic-c-shellcode-launcher-with-1-byte-change
www.ired.team/offensive-security/defense-evasion/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security/defense-evasion/evading-windows-defender-using-classic-c-shellcode-launcher-with-1-byte-change?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef0934d85e10354eb0a2e737b4222aab8152f033d1a374323f198075b42b6bcd

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vUlUT81QwxKAfa1cZ5FlyuTeRjVekKBhR6qa09NHqpEA5gOoaEIXNdlxGeY2agCVMknjX95%2Bld1MCj32tRQkTWbk6uKNIwYfrgN%2FGn6354fOFA%2BAhmW0ejjb0dy%2FDnn%2Bd7FaHrVZLq2GBOYE8iiK"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c38c3c42d389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
bypassing-windows-defender-one-tcp-socket-away-from-meterpreter-and-cobalt-strike-beacon
www.ired.team/offensive-security/defense-evasion/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security/defense-evasion/bypassing-windows-defender-one-tcp-socket-away-from-meterpreter-and-cobalt-strike-beacon?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64d65e943ab6eac3128d9b1459551fe944ca04a45a72d88699c660d3bf3a301a

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QRg2N%2BnfqRUqkgLcdaX%2FxmHhTtQTyGKcEBSq5RahqvNZAwPSpzIMjlMRJ8FpXaMBqDTwB7gHiZp06mfmRMhQhQQGlVkWpZ%2FA1pVXWv%2FRYWFffyirajDFi7ylwJofjrxK3bLJwSD2B9FsppXQrx0H"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c38c6cb9d389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
bypassing-cylance-and-other-avs-edrs-by-unhooking-windows-apis
www.ired.team/offensive-security/defense-evasion/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security/defense-evasion/bypassing-cylance-and-other-avs-edrs-by-unhooking-windows-apis?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
670ade2860b984870700655f8159e7055dd08050c40c2c79d8d68d46faadece8

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VJkB5kNhREj2UbM%2BhZeGaf5IlvJR2DBi2984wjVuRFcd02v6VcA%2B%2FKAUt5PmlKVbpkylLfFEemWnragF9ItGsSvYdOG%2BxR0q52YW08ENQKQDPjNtjc36T92kjpkGgEwv33X7ksiq2xwbk%2FHqOUAY"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c38c9d4fd389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
windows-api-hashing-in-malware
www.ired.team/offensive-security/defense-evasion/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security/defense-evasion/windows-api-hashing-in-malware?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194830674cd21522a75aef3b043907e1a3539cc1742d1f830b2d75c27b5ba159

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YodUQLwEfNGkAVsWSN02dUup2RRB5VRN8Qj7JQwiWqIXSoI1L98W39jahJF3baO8iUyBJESbcEQF6Q8%2FxjtUuI3ht7Sl2fu983B7scIzEhMas3M5kPXeS7MTUEZGmDSF2wbtaMiEsYbp311WHjVV"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c38cfe94d389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
using-syscalls-directly-from-visual-studio-to-bypass-avs-edrs
www.ired.team/offensive-security/defense-evasion/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security/defense-evasion/using-syscalls-directly-from-visual-studio-to-bypass-avs-edrs?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6810e293712855df81956897485874a78d98483292f9ec9e6623f5886ba49b9f

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fCQXn6v2HCUyJI64kXAfDTPKcLYoj7ZrR%2FQ5AoJ8KuPHuZli8aBI%2FFHOegSLDwkN136NG%2B9WEYSi2CnaS6aX249mXF%2BAiX9RTOg2MgAZer8W%2BZP0Im8JOXgRZ%2BZdBNylhU2%2BEuoOw4zPfU%2F5iJUo"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c38d0eb4d389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
retrieving-ntdll-syscall-stubs-at-run-time
www.ired.team/offensive-security/defense-evasion/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security/defense-evasion/retrieving-ntdll-syscall-stubs-at-run-time?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9cd322781cadb891066e58b0e61b7d81062dbbbace05178dfd4e499ac73e4ea

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TyZGulLKz7zTl86nX7HhWD9yDtFGnDJJ85M8pV0kMUVT5eCS5mMFlita5e9R%2F29fhPK79%2BidWG0GmZJVqQMBGRM8MLpfg9wn%2B0xFrVXx0ObXUXQy1%2BTHLb9gog2WgD0BQC%2Fgg1ftTZcfntTdY3MJ"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c38d4f54d389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
how-to-unhook-a-dll-using-c++
www.ired.team/offensive-security/defense-evasion/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security/defense-evasion/how-to-unhook-a-dll-using-c++?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8856deea366f2e8f5342c3ce1d47f6bb192eecb1704b3b055ca5fcb24c5396e2

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YXHBba%2F7I1KKgSv%2FX%2FhuIYKWs1dAI2B1l2hnamri%2FZKW4njij29bFJMprxc3P3dQatsF0lWGH%2FNTxI9cDEc1tlJZSWFt3KfqXaAwfBwIbbOYPT1g9XDh8HSFrrAK5%2FlZKAyx8KFpOFOw8ANZaDin"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c38d5fc4d389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
finding-all-rwx-protected-memory-regions
www.ired.team/offensive-security/defense-evasion/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security/defense-evasion/finding-all-rwx-protected-memory-regions?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4d00be5373a719695d48688f0abbfb6b7e7a5efd4de75763eb62f74b39cea07

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2BdS9kg9vapQeZTNTyRbnLnaNcT6WaJKUhwsDYD5%2BCDUOdqzim2H1wmCLB6kBj77eQX1vu1sv2HEk3jayeWanRaQYXa0BFsw4cwBfbMt3nPEYkfJ1fXmO2fenH7mTaawFljbSuhVZ5W5FGUa%2Bcl3"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c38d5fc9d389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
disabling-windows-event-logs-by-suspending-eventlog-service-threads
www.ired.team/offensive-security/defense-evasion/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security/defense-evasion/disabling-windows-event-logs-by-suspending-eventlog-service-threads?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05077eefcddb107a33b263af68de33e08385dfc451771bc2a5cd63d1e73eed03

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8UfJinFOcpC%2FTvdE8s8Xb%2FGWLxcr1dW7mkHifVy9i7f82ThtraXNqdUxYLk%2FSQJisFDLMvheKufa8unasU71%2Bw9S1L9cICb8BT3%2F6VeQGuSaqgQ8%2FLexfIWnnQALnZQCxjcDDRPoInooGVaXH6yw"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c38db928d389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
t1027-obfuscated-powershell-invocations
www.ired.team/offensive-security/defense-evasion/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security/defense-evasion/t1027-obfuscated-powershell-invocations?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
957c9a3069bba32347cbb09482ea8f08f6540281201156862373826614242be7

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1V0K%2FKIpKADMTGvdyKFVGFMdVwbTilz1rLgj4hV6aROvokr22K3tOQDJX8vFA%2FHNUKbjitJCSrf2IU6687VtcJ3Q73FEpAKgWLeesn0NZQTJRLA%2Bgg%2BeZZxRQdRn0nmE06fmdarKF1jIeI6kiaOZ"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c38db93ed389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:28 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
masquerading-processes-in-userland-through-_peb
www.ired.team/offensive-security/defense-evasion/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security/defense-evasion/masquerading-processes-in-userland-through-_peb?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9364f64e47b51df54e88eea14b6146a1e664079a7a529d10fa83c0de0fc2be22

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HqHLrqcWfUJgz2HfoFc5MdgSy9G1erjOi%2BQgmEAYSQe4DnAt6smt1x8MIOUEY1u7E35LmaHbtcES2nGlyBYlzvnKVyXmNCM1CCzJuuuqhJRTIR132AZECYObpLvvOPBnaRcfX9AOTxrsKk378Sr9"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c38dfa27d389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
commandline-obfusaction
www.ired.team/offensive-security/defense-evasion/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security/defense-evasion/commandline-obfusaction?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f17d0e1139cb998da08623221dc83e0d7d9b660def51bedbfcb523d9444040e3

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PMHd1XrTBIRd1avAqFORTV1Pdc2EnYiRk4g8NppJ3xuIjH%2B8Foz4cxz1WFgQs77kcP7jIcY1d%2Bw2Ray2Z6uSAcSovSdUIvso7EXyMrtTRh%2Fn6fDnHghN4Sh5%2Be5CSEEMuMHknDo3IfzMW9WtBk95"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c38e0a4dd389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
file-smuggling-with-html-and-javascript
www.ired.team/offensive-security/defense-evasion/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security/defense-evasion/file-smuggling-with-html-and-javascript?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
154e13ba5827e7b75795835023f5d07740ff957354cb4e94ffd12684a068d2f9

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZHOYaLX3lNLz7LbRghhAn5vY%2Fa6koeMl%2Bcjck2kI%2BBwwBSeV4TIPvwxpATaN5QUscWxzF3k9uqCU3zoXaZ0jpUkdtXXmotmDaX1cu2%2BO94m0U7FOk5LXGMyIK2G5mAVxIFJSWJp0xMWT86w6iOM"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c38e4b64d389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
t1099-timestomping
www.ired.team/offensive-security/defense-evasion/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security/defense-evasion/t1099-timestomping?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dda41c032e27d5af86af09f3b8ea0601e8b123c9bd51f83f18efa74d3312267

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nJABTP9AM6INF4JYFHaVTJ7a8cQKdOvMpPkdWSIcax76ZR6qGJEmr55sgIzsgOTPuqnzCopRr1y2Jy62u1Q8MMRJ6SbDilgS81BAGE0wdrN88W43kg2k2bzx%2FB8gzM69HKmTQdJ5OjwsG9hH0WA0"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c38e4b74d389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
how-to-hook-windows-api-using-c++
www.ired.team/offensive-security/code-injection-process-injection/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security/code-injection-process-injection/how-to-hook-windows-api-using-c++?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b5772e4ea407a218d59f7af59fc387ed32f20a99b7ddb1e9826bea6391d74ab

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BL01PEEFP263q37X0rHIqwOY0Bpi3pgKpmMHl9%2BG52tCQJJF6%2FY3On3VJI2tli5wfWG1VPzalwl7a3w0%2BEadYAymJmH4M6dAVUG4EyT7lWx%2BUhDvO2gjGOG14MN1yqhnv52IfVQ0EPw7LeZ1Rioi"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c38e8c23d389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA
api-monitoring-and-hooking-for-offensive-tooling
www.ired.team/offensive-security/code-injection-process-injection/
5 KB
2 KB
Fetch
General
Full URL
https://www.ired.team/offensive-security/code-injection-process-injection/api-monitoring-and-hooking-for-offensive-tooling?_rsc=15l2q
Requested by
Host: www.ired.team
URL: https://www.ired.team/_next/static/chunks/9978-3862268d52c1b071.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:282f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c47afa5ba5ebebcad34e901181b8a7a1a00fcc41bc93dcbfa7675e645ccfb843

Request headers

RSC
1
Referer
https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Next-Url
/offensive-security/defense-evasion/detecting-hooked-syscall-functions
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Next-Router-Prefetch
1
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22offensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22offensive-security%5C%22%2C%5C%22defense-evasion%5C%22%2C%5C%22detecting-hooked-syscall-functions%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Foffensive-security%2Fdefense-evasion%2Fdetecting-hooked-syscall-functions%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache
skip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uOCKdJxYwYZSR66LFNJ1ICXCv2UhlEofSJ4BNGuvxZMrwBZqe8x1tZ7Kfd7hW68n1OpR%2Faxd3ZluVQAYOpXmBZEuUki5IKmPwtRRGqpLf4LV9ItdQnpG1Fs368Pc6c3kM58%2FaD%2BIgufi4t%2FvTcWn"}],"group":"cf-nel","max_age":604800}
cf-ray
8d62c38efd87d389-FRA
x-matched-path
/[[...pathname]]
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 16:53:27 GMT
x-edge-runtime
1
content-type
text/x-component
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
server
cloudflare
cf-placement
local-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rayanfam.com
URL
https://rayanfam.com/wp-content/uploads/sites/2/2018/04/rayanfam.png

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | __next_f
function | $RS
function | $RC
object | webpackChunk_N_E
string | __sentryRewritesTunnelPath__
object | SENTRY_RELEASE
object | next
object | GitBook

2 Cookies

Domain/Path Name / Value
.medium.com/ Name: _cfuvid
Value: 7o_xLNzP8GYx2mlx8ioXipLAsGStpd9BIa6eHx.FR1U-1729529605371-0.0.1.1-604800000
.gitbook.com/ Name: __session
Value: 6d93b3c1-0d43-40a5-823b-24ac079eb0d6R

1 Console Messages

Source Level URL
Text
javascript warning URL: https://www.ired.team/offensive-security/defense-evasion/detecting-hooked-syscall-functions
Message:
The resource https://cdn.iframe.ly/embed.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self'; script-src 'nonce-NTY1MWY0N2UtY2RiOS00MzU2LWJiNGUtOGJjNTYyZTkyZTY3' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https://cdn.iframe.ly https://google-analytics.com https://integrations.gitbook.com https://ssl.google-analytics.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' * analytics.google.com blob: data: files.gitbook.com https://ka-p.fontawesome.com ssl.google-analytics.com www.google-analytics.com www.google.com; connect-src 'self' * about: ampcid.google.com analytics.google.com api.gitbook.com app.gitbook.com https://ka-p.fontawesome.com integrations.gitbook.com srv.buysellads.com stats.g.doubleclick.net www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; frame-src *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
