🔧 DriverTool - Windows Driver Management Utility
A tool that can help you develop and analyze Windows drivers.
#windows_kernel
#windows_driver
#windows_internals
@ZwLowLevel
GitHub
GitHub - Tkillow/Sys-Startup-Tool-Boot-Start: A tool that can help you develop and analyze Windows drivers.
A tool that can help you develop and analyze Windows drivers. - Tkillow/Sys-Startup-Tool-Boot-Start
BOAZ Evasion and Antivirus Testing Tool
Multilayered AV/EDR Evasion Framework
#edr_bypass
#edr_evasion
@ZwLowLevel
Registry Writes Without Registry Callbacks
This post explores a technique for establishing registry persistence and registry writes against HKCU at medium integrity without triggering registry callbacks.
#malware_development
#maldev
@ZwLowLevel
DeceptIQ
Registry Writes Without Registry Callbacks
Explore NTUSER.MAN, an overlooked Windows profile mechanism that allows registry persistence without triggering CmRegisterCallback EDR monitoring.
10,000 Lines of C, Real x86-64 Assembly for Critical Paths: Building Kernel-Level AI Security
#os_internals
#ai
@ZwLowLevel
DEV Community
10,000 Lines of C, Real x86-64 Assembly for Critical Paths: Building Kernel-Level AI Security
SENTINEL IMMUNE: syscall hooks in assembly, AVX2 SIMD pattern matching, DragonFlyBSD kernel module. Pure C/ASM, zero Python.
Machine Learning-Based Cybersecurity Solutions for Cloud Computing
Traditional signature-based security solutions detect known threats through pattern matching against databases of malware signatures and attack indicators. This approach fails against zero-day exploits, polymorphic malware employing code obfuscation, and advanced persistent threats (APTs) utilizing novel attack techniques.
#machine_learning
#llm
#reinforcement_learning
#ai
@ZwLowLevel
https://eudoxuspress.com/index.php/pub/article/view/4595/3409
Windows ARM64 Internals: Pardon The Interruption! Interrupts on Windows for ARM
#windows_internals
#windows_kernel
#arm64
#ring0
https://connormcgarr.github.io/windows-arm64-interrupts/
Out Of Control: How KCFG and KCET Redefine Control Flow Integrity in the Windows Kernel
#windows_kernel
#windows_internals
#ring_0
@ZwLowLevel
https://www.youtube.com/watch?v=LflYlvJ4vSU
YouTube
Out Of Control: How KCFG and KCET Redefine Control Flow Integrity in the Windows Kernel
Virtual Secure Mode, or VSM, on Windows marked the most significant leap in security innovation in quite some time, allowing the hypervisor to provide unprecedented protection to the Windows OS. With VSM features like Credential Guard, preventing in-memory…
US Invasion Plans Against Venezuela Explained
#venezuela
#maduro
@ZwLowLevel
https://www.youtube.com/watch?v=3n0HulTEDYI
YouTube
US Invasion Plans Against Venezuela Explained
#venezuela #caracas #usattackvenezuela
Why is the United States actively preparing for war in the Southern Caribbean
To answer that, we have to look at the massive reactivation of Cold War infrastructure that has been dormant for decades.
What is happening…
Forwarded from ARVIN
0day speedrun? OpenFlagr <= 1.1.18 Authentication Bypass
https://dreyand.rs/code%20review/golang/2026/01/03/0day-speedrun-openflagr-less-1118-authentication-bypass?x
DreyAnd’s Web Security Blog
0day speedrun? OpenFlagr <= 1.1.18 Authentication Bypass
A detailed 0day speedrun uncovering an authentication bypass in OpenFlagr ≤ 1.1.18. Root cause analysis, exploitation path, impact assessment, and remediation.
Sliver C2 — Comprehensive Cyber Threat Intelligence Brief
#cyber_threat_intelligence
#cti
#malware_analysis
@ZwLowLevel
0Xadroit
Sliver C2 — Comprehensive Cyber Threat Intelligence Brief
A comprehensive threat intelligence analysis of Sliver C2 framework, including MITRE ATT&CK mapping, indicators of compromise, detection rules, and defensive recommendations for security teams.
Sleak Crypter
Sleak Crypter is a simple obfuscation tool that allows you to encrypt and obfuscate your files.
#malware_development
#malwaredev
#maldev
@ZwLowLevel