-
Secure Kernel Research with LiveCloudKd
Let’s say you want to research the secure kernel. You heard about hypervisors and VTL1…
-
Troubleshooting a System Crash
One day my system started crashing. A lot. Multiple blue screens per day, with a…
-
KASLR Leaks Restriction
In recent years, Microsoft has focused its efforts on mitigating bug classes and exploitation techniques.…
-
Investigating Filter Communication Ports
If you spent any time writing or researching filter drivers, you may have run into…
-
An End to KASLR Bypasses?
Edit: this post initially discussed the new changes only in the context of KASLR bypasses.…
-
Understanding a New Mitigation: Module Tampering Protection
A few months ago, I spoke at Paranoia conference about obscure and undocumented mitigations. Following…
-
One I/O Ring to Rule Them All: A Full Read/Write Exploit Primitive on Windows 11
This blog post will cover the post-exploitation technique I presented at TyphoonCon 2022. For anyone…
-
One Year to I/O Ring: What Changed?
It’s been just over a year since the first version of I/O ring was introduced…
-
HyperGuard Part 3 – More SKPG Extents
Hi all! And welcome to part 3 of the HyperGuard chronicles! In the previous blog…
-
An Exercise in Dynamic Analysis
Analyzing the PayloadRestrictions.dll Export Address Filtering. This post is a bit different from my usual…