Latest posts

• Dumping LSA secrets, a story about task decoralation In this blogpost we'll see how task decorrelation can be abused to bypass EDR's detection mecanisms during internal assessments
  Jul 2, 2024 - 11 min read
• From Windows drivers to a almost fully working EDR In this article we will see how Windows drivers work, how to create one and, in the end, we will develope a custom EDR that will rely on kernel callback functions, static analysis and API hooking.
  Jan 31, 2024 - 39 min read
• [FR] Conférence à LeHack23: Du driver Windows à l'EDR Rediffusion de la conférence du driver Windows à l'EDR.
  Jan 8, 2024 - 1 min read