S K

As promised, I wrote about my Windows 11 post exploitation technique to go from an arbitrary write/increment to a full read/write through I/O rings: windows-internals.com/one-i-o-ring-t…

The slides of our @reconmtl talk on the next generation of virtualization-based obfuscators are now available. @m_u00d8 & I show how to break current VMs and why these attacks will no longer work. We also discuss the next steps in deobfuscation research. synthesis.to/presentations/…

tfw you google a question and your own blog post is the first result ...and it answers your question

Hex-Rays plugin for automated simplification of Windows Kernel decompilation. github.com/can1357/NtRays #Hack #408 (2021)

#ProTip Some handy #Github repo for a better #WinDbg experience: - github.com/microsoft/WinD… - github.com/TimMisiak/WinD… by @timmisiak - github.com/yardenshafir/W… by @yarden_shafir - github.com/0vercl0k/windb… by @0vercl0k - github.com/hugsy/windbg_j… by @_hugsy_ Got more? Add here 👇

FindFunc: An IDA plugin for advanced function matching by assembly template, constants, string/name/byte reference github.com/FelixBer/FindF…

RCA for 1 of the 2 CLFS bugs patched in April 2022. While we can't determine the CVE, we did managed to exploit it ;) ... credit: @b1thvn_ pixiepointsecurity.com/blog/nday-cve-…