From Windows drivers to an almost fully working EDR
In this article we will see how Windows drivers work and how to create one, and in the end we will develop a custom EDR that relies on kernel callback functions, static analysis and API hooking.
Jan 31, 2024 - 39 min read
Browsers' cache smuggling
This article presents a new way of dropping malware on a target system by exploiting the browser caching mechanism.
Jul 8, 2023 - 10 min read
Protected Users, you thought you were safe uh?
This article shows that the Protected Users protections do not apply correctly to the RID500 account of an Active Directory.
Mar 28, 2023 - 7 min read