Posts

• Windows 11 x64 Kernel Exploitation - NonPaged Pool Overflow using HEVD – Part 1: Arbitrary Read
• Catching Shells in Style with I/O Completion Ports (IOCP)
• Windows 10 x64 Kernel Exploitation - Time-of-Check Time-of-Use (TOCTOU) Race Condition using HEVD
• Windows 10 x64 Kernel Exploitation - Arbitrary Write (Write-What-Where) using HEVD
• Windows 10 x64 Kernel Exploitation - Stack Buffer Overflow using HEVD
• Adding Assembly (asm) Files to Visual Studio C/C++ Projects
• Whoops… I dropped my SYSTEM thread HANDLE
• A Novel Method for Bypassing ETW
• Dumping Active Directory Credentials
• Kerberos Abuse Part 3 - Constrained Delegation
• Kerberos Abuse Part 2 - Unconstrained Delegation
• Kerberos Abuse Part 1 - Resource-Based Constrained Delegation
• Getting Local Admin with only an NTLM Hash
• EdgeGdi.dll for Persistence and Lateral Movement
• Getting Started with Windows Defender Application Control (WDAC)
• Bypassing LSA Protection on Windows 10/11
• Game Over Privileges
• Capturing and Relaying NTLM Authentication: Methods and Techniques
• Pass-The-Hash with RDP
• Windows Credential Management, Logon Sessions and the Double Hop Problem