Posts
- Covert IPC With the Windows Kernel Transaction Manager
- ETW Research Scripts
- Kernel Driver Debug Helper
- Review: Elastic 2024 Global Threat Report
- A Tale of a Quick Evening Malware Reversing Session
- Internals of Polymorphic Engines
- Gödel Numbering in Go: A Mathematical Quiche
- WinGadgetHunter: Finding ROP Gadgets in Windows DLLs
- Dynamic Import Obfuscation: Evading Memory Analysis
- AWS Pentesting Toolkit: Practical Tools for Cloud Security Assessment
- Analyzing CVE-2020-11492 Docker Desktop Privilege Escalation
- PEB-less GetModuleHandle
- Simplest Indirect Syscall
- Game Hacking - Writing a Radar in Go
- MASM64 Peb Walking and Export Resolution
- Dumping Syscall Numbers and Offsets