Posts
- Windows 11 x64 Kernel Exploitation - NonPaged Pool Overflow using HEVD – Part 1: Arbitrary Read
- Catching Shells in Style with I/O Completion Ports (IOCP)
- Windows 10 x64 Kernel Exploitation - Time-of-Check Time-of-Use (TOCTOU) Race Condition using HEVD
- Windows 10 x64 Kernel Exploitation - Arbitrary Write (Write-What-Where) using HEVD
- Windows 10 x64 Kernel Exploitation - Stack Buffer Overflow using HEVD
- Adding Assembly (asm) Files to Visual Studio C/C++ Projects
- Whoops… I dropped my SYSTEM thread HANDLE
- A Novel Method for Bypassing ETW
- Dumping Active Directory Credentials
- Kerberos Abuse Part 3 - Constrained Delegation
- Kerberos Abuse Part 2 - Unconstrained Delegation
- Kerberos Abuse Part 1 - Resource-Based Constrained Delegation
- Getting Local Admin with only an NTLM Hash
- EdgeGdi.dll for Persistence and Lateral Movement
- Getting Started with Windows Defender Application Control (WDAC)
- Bypassing LSA Protection on Windows 10/11
- Game Over Privileges
- Capturing and Relaying NTLM Authentication: Methods and Techniques
- Pass-The-Hash with RDP
- Windows Credential Management, Logon Sessions and the Double Hop Problem