Windows 11 24h2 LPE Kernel Exploitation. CVE-2020-12446(eneio64.sys)
#windows_kernel #kernel_exploit #cve
@ZwLowLevel
https://github.com/enessakircolak/Windows-11-24h2-Kernel-Exploit
#ntfs #file_system #mft #windows_internals
@ZwLowLevel
https://hackmag.com/security/ntfs-inside
HackMag
Inside NTFS: The Windows Master File Table (MFT) Internals Explained
Tech magazine for cybersecurity specialists
FunkSec – Alleged Top Ransomware Group Powered by AI
#ransomware #ai #funksec
@ZwLowLevel
https://research.checkpoint.com/2025/funksec-alleged-top-ransomware-group-powered-by-ai/
Forwarded from ARVIN
Nation-State Actor’s Arsenal: An In-Depth Look at Lazarus’ ScoringMathTea
https://0x0d4y.blog/arsenal-analysis-of-a-nation-state-actor-an-in-depth-look-at-lazarus-scoringmathtea
https://github.com/abrewer251/CVE-2025-62215_Windows_Kernel_PE
CVE-2025-62215 Exploit PoC
@ZwLowLevel
cl.exe poc.cpp /Od /ZI /RTC1 /MDd /link /OUT:unicorn.exe
[*] Starting CVE-2025-62215 exploitation...
[*] Performing heap spray...
[+] Allocated 100 heap chunks
[*] Spawning 8 threads to trigger race condition...
[*] Waiting for race condition...
[+] SUCCESS: Privilege escalation detected!
[+] EXPLOITATION SUCCESSFUL!
[+] Privileges escalated to SYSTEM
GitHub
GitHub - abrewer251/CVE-2025-62215_Windows_Kernel_PE: This PoC demonstrates a race condition in the Windows kernel leading to a…
This PoC demonstrates a race condition in the Windows kernel leading to a double-free vulnerability, allowing local privilege escalation to SYSTEM. The exploit uses multithreaded handle manipulatio...
An article from about two years ago, but one that is still interesting!
#irp #windows_kernel
#windows_internals #ring0
@ZwLowLevel
https://idov31.github.io/posts/lord-of-the-ring0-p5
Ryūjin Protector is an open-source Bin2Bin obfuscation, protection, and DRM tool for Windows PE binaries targeting the Intel x64 architecture (x86_64 only).
#obfuscation #pe #anti_debugging
#anti_analysis
@ZwLowLevel
GitHub
GitHub - keowu/Ryujin: Ryūjin Protector - Is a Intel Arch - BIN2BIN - PE Obfuscation/Protection/DRM tool
Forwarded from Sec Note
IBM
You just got vectored - Using vectored exception handlers (VEH) for defense evasion and process injection | IBM
Vectored Exception Handlers (VEH) have been used in malware for over a decade, but now they're gaining attention from the offensive security industry. Let's take a closer look.
SpiderLabs IDs New Banking Trojan Distributed Through WhatsApp
#malware_spreading #malware_analysis
#malware_campaing
@ZwLowLevel
Trustwave
SpiderLabs has recently identified a banking Trojan we dubbed Eternidade Stealer, which is distributed through WhatsApp hijacking and social engineering lures.
Windows User Space Emulator
#syscall #emulator #user_mode
#sandbox
@ZwLowLevel
https://github.com/momo5502/sogen
Ghost is a process injection detection tool written in Rust.
#malware_analysis #process_injection
@ZwLowLevel
Medium
BOF Writeup (Pwnable.kr)
About Pwnable.kr