-
An End to KASLR Bypasses?
Edit: this post initially discussed the new changes only in the context of KASLR bypasses.…
-
Understanding a New Mitigation: Module Tampering Protection
A few months ago, I spoke at Paranoia conference about obscure and undocumented mitigations. Following…
-
One I/O Ring to Rule Them All: A Full Read/Write Exploit Primitive on Windows 11
This blog post will cover the post-exploitation technique I presented at TyphoonCon 2022. For anyone…
-
One Year to I/O Ring: What Changed?
It’s been just over a year since the first version of I/O ring was introduced…
-
HyperGuard Part 3 – More SKPG Extents
Hi all! And welcome to part 3 of the HyperGuard chronicles! In the previous blog…
-
An Exercise in Dynamic Analysis
Analyzing the PayloadRestrictions.dll Export Address Filtering
This post is a bit different from my usual…
-
HyperGuard – Secure Kernel Patch Guard: Part 2 – SKPG Extents
Welcome to Part 2 of the series about Secure Kernel Patch Guard, also known as…
-
HyperGuard – Secure Kernel Patch Guard: Part 1 – SKPG Initialization
This will be a multi-part series of posts describing the internal mechanisms and purpose of…