Alternative ways for EDR Silencing
Assigning secondary IP addresses and IPSec filter rules to block EDR communication
Recent posts
Decompiling recent python versions (up to 3.12)
Showing several approaches to decompile and analyze newer python versions compiled with pyinstaller
Exploiting WRMSR in vulnerable drivers
Explaining the theory and the practical steps to exploit drivers which give access to the WRMSR instruction
Exploring the Windows kernel using vulnerable driver - Part 2
Exploiting CVE-2019-16098 to steal a token
Exploring the Windows kernel using vulnerable driver - Part 1
Driver basics and CVE-2019-16098
Environment Setup for Windows Kernel Debugging with Windbg
Configuring environment for kernel debugging
Malware analysis of EKANS ransomware
Analysis of the EKANS ransomware
FlareOn 2019 Writeup - Part 2
My writeups for the FlareOn 2019 challenges
FlareOn 2019 Writeup - Part 1
My writeups for the FlareOn 2019 challenges
Combining ARP poisoning and IP spoofing to bypass firewalls
A specific case of bypassing a firewall