Some reverse-engineered things from windows internals - winrev/microcode facility/ntosext.sys at main · 0x00Alchemist/winrev

Disclaimer: Пока вы не используете это во вредоносных действиях, мне все равно, используете ли вы это во вредоносных действиях или нет (ну вот, спародировал какого-то известного тренера по футболу). Короче, то, что представлено ниже, только для обучения,…

UAC bypass by abusing RPC and debug objects. Contribute to Kudaes/Elevator development by creating an account on GitHub.

Recent advancements in OS security from Microsoft such as PatchGuard, Driver Signature Enforcement, and SecureBoot have helped curtail once-widespread commodity kernel mode malware such as TDL4 and ZeroAccess. However, advanced attackers have found ways of…

Dynamic malware analysis is the preferred way to determine the legitimacy of an application for many AVs/EDRs/MDSs. Unlike static analysis, dynamic analysis can capture and analyze Windows API calls…

This blog post will cover the Cobalt Strike DLL stager's anatomy, design choices and highlight ways to reduce both log footprint and time-to-shellcode.

AceLdr (@kyleavery_), DLL fun (@Wietze + @ConsciousHacker), CI/CD pwnage (@smarticu5), Kerberos LPE (@monoxgas + @tiraniddo), Burp ➡️ C2 profile (@codex_tf2), AD CS + PIV (@_EthicalChaos_), and more!

An introduction to utilizing Return Oriented Programming to defeat Data Execution Prevention.

Source Code: https://github.com/Zer0Memory/FlagEditor

This code is useful for example in gamehacking, when you want to use raw addresses to resources, instead of
locating the base module & using signature scanning and or pointers.

This code disables the…

Table of contents Table of contents Introduction User-Mode Application Kernel-Mode Driver Example: Listing Kernel Memory Pool Tag Final Thoughts Introduction Over the last few years that I spent learning more and more about Microsoft Windows, it has been…