AMD64 Architecture Programmer’s Manual Volume 1:
Application Programming
#os_internals #amd64
https://docs.amd.com/v/u/en-US/24592_3.24
@ZwLowLevel
Hypervisors for Memory Introspection and Reverse Engineering
#hypervisor #virtual_machine_introspection
#windows_internals
#uefi
https://secret.club/2025/06/02/hypervisors-for-memory-introspection-and-reverse-engineering.html
@ZwLowLevel
SharpParty: Process Injection in C#
#process_injection #maldev #edr_bypass #edr_evasion
@ZwLowLevel
https://github.com/strozfriedberg/SharpParty
https://levelblue.com/blogs/security-essentials/sharpparty
Stack Obfuscator
High performance anti-analysis header for Windows (Kernel & User) and Linux systems
#ring_0 #windows_kernel
#stack_obfuscator #anti_debugging
#anti_analysis
https://github.com/Arty3/Stack-Obfuscator
@ZwLowLevel
#windows_internals #windows_kernel
#kernel_structure
@ZwLowLevel
https://github.com/I3r1h0n/eprocess_offsets
GitHub - I3r1h0n/eprocess_offsets: Windows kernel _EPROCESS offsets list
#cloud_hacking #kubernetes #cloud_security
@ZwLowLevel
https://www.rbtsec.com/blog/kubernetes-pentesting-part-five-full-etcd-secrets-dump/
Kubernetes Pentesting – Part Five: Full etcd Secrets Dump | RBT Security
Exploit etcd to exfiltrate cluster secrets. In Part Five we escalate from master access to dumping etcd and extracting tokens and credentials.
#hardware
@ZwLowLevel
https://www.stavros.io/posts/i-converted-a-rotary-phone-into-a-meeting-handset/
I converted a rotary phone into a meeting handset - Stavros' Stuff
Fun-reliable side-channels for cross-container communication
https://h4x0r.org/funreliable/
#linux_hacking #kernel #linux_kernel
@ZwLowLevel
#edr_bypass #edr_evasion
#malware_development #maldev
@ZwLowLevel
https://github.com/m-shahzaib5911/Cerberus
CVE-2025-54110
Windows Kernel Integer Overflow Privilege Escalation
#exploit #windows_kernel
@ZwLowLevel
#carding #black_box_attack #fraud #jackpotting
@ZwLowLevel
https://hackmag.com/security/carding
HalPrivateDispatchTableHook
Hook syscalls from ring0 without triggering PatchGuard
#patchguard #api_hooking #hooking_dll #ring_0
#windows_kernel #syscall
@ZwLowLevel
https://github.com/asteria121/HalPrivateDispatchTableHook
Syscall proxying framework
Trace and control syscalls to accelerate exploit development, reverse engineering, and malware analysis. Intercept, log, and optionally modify system calls.
#syscall #malware_analysis #reverse_engineering
@ZwLowLevel
https://github.com/t1b4n3/pwntrace
A lightweight, heuristic-based PE file analyzer for Windows
#pe #windows_internals #malware_analysis
@ZwLowLevel
https://github.com/haunted-zeroday/PE-XRay-EDR
Writing a Bin2Bin Obfuscator from Scratch for Windows PE x64 and Fully Deobfuscating It
#obfuscate #pe #windows_internals
#maldev #malware_development
@ZwLowLevel
keowu.re
Windows Instrumentation Callbacks
#kernel_callbacks #windows_internals #windows_kernel
@ZwLowLevel
https://cirosec.de/en/news/windows-instrumentation-callbacks/
November 5, 2025 - This multi-part blog series will be discussing an undocumented feature of Windows: instrumentation callbacks (ICs). Author: Lino Facco