Sabitlenmiş Tweet
Thank you @reconmtl for this wonderful conference, what a way to discover Canada!
Following up my talk, here are the slides & tool from the demo: github.com/MathildeVenaul…
Blogpost on @CrowdStrike's blog coming up soon!
English
Mathilde Venault
50 posts
Mathilde Venault
@MathildeVenault
Security researcher at @CrowdStrike, living off cheese and adventures. Opinions are my own.
Katılım Kasım 2019
190 Takip Edilen270 Takipçiler
@33y0re @BlackHatEvents Congrats Connor, you deserved it! 🎉✨
English
I am over the moon to have spoken at @BlackHatEvents USA for my first time, about KCFG and KCET on Windows. It has been a goal of mine to always speak here and I am very pleased to have done so!
English
Mathilde Venault retweetledi
I often am asked for pointers on building a VM for malware analysis. I wrote a 40+ page chapter on this in my book Evasive Malware. You can download this chapter from the book on my blog for free here:
evasivemalware.com/EvasiveMalware…
Thanks @nostarch for allowing me to give it away 🤓
English
Mathilde Venault retweetledi
Looks like @BlueHatIL talks are online now, so here’s my talk for anyone who wanted to learn about the latest episode of KASLR and couldn’t make it: youtu.be/Dk2rLO2LC6I
YouTube
English
Mathilde Venault retweetledi
FYI if you’re willing to link with ntdll or dynamically resolve it there’s a ton of APIs that return TEB/PEB or leave them in one of the registers.
(Don’t believe official return values. MSDN is a liar!)
vx-underground@vxunderground
Daax, being the traditional memesteroni he is, shared a cool proof-of-concept which demonstrates how to get a pointer to the Process Environment Block without using the GS and/or FS register. Look at the full thread. It's interesting.
English
Mathilde Venault retweetledi
WinDbg doesn’t have to win the battle!🧠💥
Join @MathildeVenault at SINCON 2025 for a hands-on reverse engineering workshop that helps you make sense of the Windows debugger.
📅22-23 May 2025 | 📍voco Orchard, SG
🎟️Pass: event.cybersecuritysg.com/39kL3
#SINCON2025 #WindowsDebugging
English
Mathilde Venault retweetledi
Upcoming public training: #portfolio" target="_blank" rel="nofollow noopener">clearseclabs.com/#portfolio
English
Really excited to give a talk at SINCON this year!
I'll be presenting my tool github.com/CrowdStrike/dr…, that helps making the most of WinDbg in a minimum amount of time
Infosec In the City (IIC)@Infosec_City
Join @MathildeVenault at SINCON 2025 to discover how DrawMeATree helps reverse engineers visualise & decode complex systems faster. 📅22-23 May 2025 | 📍voco Orchard, SG 🎟️Pass: event.cybersecuritysg.com/39kL3 #SINCON2025
English
Mathilde Venault retweetledi
Save the date - @Blackhoodie_RE is partnering with
@offensive_con this year to bring a BlackHoodie training to Berlin! Students will learn how to place compiler backdoors in innocent code. Mark your calendars for May 15th! Registration opens tomorrow, space is very limited ☺️
English
Mathilde Venault retweetledi
I’m not saying you definitely have to go to @BlueHatIL this year, I’m just letting you know it’s free, by the beach and I’ll be there dropping kernel pointers to anyone who asks nicely
English
Mathilde Venault retweetledi
Mathilde Venault retweetledi
Today I’m sharing a blog post on the implementation of kernel mode shadow stacks on Windows! This post covers actively debugging the Secure Kernel and also outlines why VTL 1 is relied on to help maintain the integrity of the supervisor shadow stacks! connormcgarr.github.io/km-shadow-stac…
English
So glad to have been part of 44con this year!
44CON@44CON
Workshops in full swing for day 2 of 44CON ✨💻
English
Mathilde Venault retweetledi
There’s a brand new conference which means you get another chance to take my Windows Internals class, this time in the US 😄
RE//verse, February 2025, Orlando Florida
RE//verse@REverseConf
@securelyfitz @naehrdine @ElykDeer @palleiko @mr_phrazer Uncover how GRU bootkits and PLA supply chain implants work in Yarden Shafir’s @yarden_shafir Windows Internals course. re-verse.io/windows-24/
English
I'm happy to share that I'll be giving a workshop at @44CON about WinDbg, where I'll introduce a tool I've developed to make debugging much easier. Time to tame the Windows debugger together!
44con.com/44con-2024-tal…
English
Mathilde Venault retweetledi
In my new blog for @_CPResearch_ I propose a new injection technique, using the Thread Name API - check it out! 💙
GIF
Check Point Research@_CPResearch_
In this blog we introduce Thread-Name Calling - A new process injection technique using Thread Name. We also discuss various scenarios in which this not widely-known API can be used for offense. research.checkpoint.com/2024/thread-na…
English
Mathilde Venault retweetledi
English
Honored to announce that @_BinWalker_ and I were accepted to speak at @defcon !
Our research - "QuickShell: Sharing is caring about an RCE attack chain on Quick Share"
showcases 10 vulns in Google's Quick Share, chained to a creative RCE attack chain on Quick Share for Windows
English
Mathilde Venault retweetledi
Recently I was writing up a blog about Secure Kernel and NT working together to initialize Kernel CFG. I realized there were a lot of concepts in SK I was unfamiliar with. Because of this I wrote a post on one of those topics - Secure Image Objects. Enjoy! connormcgarr.github.io/secure-images/
English
Mathilde Venault retweetledi
Thanks to everyone who attended my talk! @offensive_con was an incredible experience. Couldn't make it? Don't worry- here are my slides! Recommend them to anyone wanting to learn more about Secure Boot's third-party risks.
nbviewer.org/github/microso…
Bill Demirkapi@BillDemirkapi
Ecstatic to share that my talk was accepted to Offensive Con. Excited to have an excuse to visit the city I was born in. Hope to see you there!
English