Posts

• Covert IPC With the Windows Kernel Transaction Manager
• ETW Research Scripts
• Kernel Driver Debug Helper
• Review: Elastic 2024 Global Threat Report
• A Tale of a Quick Evening Malware Reversing Session
• Internals of Poylmorphic Engines
• Gödel Numbering in Go: A Mathematical Quiche
• WinGadgetHunter: Finding ROP Gadgets in Windows DLLs
• Dynamic Import Obfuscation: Evading Memory Analysis
• AWS Pentesting Toolkit: Practical Tools for Cloud Security Assessment
• Analyzing CVE-2020-11492 Docker Desktop Privilege Escalation
• PEB-less GetModuleHandle
• Simplest Indirect Syscall
• Game Hacking - Writing a Radar in Go
• MASM64 Peb Walking and Export Resolution
• Dumping Syscall Numbers and Offsets