2014-02-06 - Hide process with DKOM without hard coded offsets.txt
2015-04-06 - Hiding loaded driver with DKOM.txt
2020-01-31 - DKOM - Now with Symbolic Links.pdf
2020-05-18 - How to use Trend Micro's Rootkit Remover to Install a Rootkit.pdf
2020-08-02 - Removing Kernel Callbacks Using Signed Drivers.7z
2021-01-09 - Heresys Gate Kernel ZwNTDLL Scraping and Work Out Ring 0 to Ring 3 via Worker Factories.pdf
2022-01-01 - HyperGuard Secure Kernel Patch Guard Part 1 SKPG Initialization.pdf
2022-01-11 - Signed Kernal Drivers - Unguarded Gateway to Windows Core.pdf
2022-01-15 - Demonstrating EAT hooking from Kernel space.7z
2022-02-04 - KCTHIJACK - KernelCallbackTable Hijack.zip
2022-02-17 - HyperGuard Secure Kernel Patch Guard Part 2 SKPG Extents.pdf
2022-03-24 - Manipulating LastWriteTime without leaving traces in the NTFS USN Journal.pdf
2022-04-19 - HyperGuard Part 3 More SKPG Extents.pdf
2022-07-14 - Lord Of The Ring0 - Part 1 Introduction.pdf
2022-08-04 - Lord Of The Ring0 - Part 2 A tale of routines IOCTLs and IRPs.pdf
2022-09-05 - DirectX and HyperV - An Offensive View.pdf
2022-10-18 - Fantastic Rootkits And Where to Find Them Part 1.pdf
2022-10-30 - Lord Of The Ring0 - Part 3 Sailing to the land of the user and debugging the ship.pdf
2022-12-29 - Bootkitting Windows Sandbox.pdf
2022-12-30 - Code Execution against Windows HVCI.pdf
2023-02-24 - Lord Of The Ring0 - Part 4 The call back home.pdf
2023-05-04 - Fantastic Rootkits and Where to Find Them Part 2.pdf
2023-06-05 - Terminator - Demonstrating how to kill EDR processes using a driver.zip
2023-07-01 - Demonstrating a Rust based Bootkit.zip
2023-07-29 - Lord Of The Ring0 - Part 5 Sarumans Manipulation.pdf
2023-09-15 - Hypervisor Detection with SystemHypervisorDetailInformation.pdf
2024-02-06 - Exploiting a vulnerable Minifilter driver to create a process killer.7z
2024-02-12 - Hypervisor enforced security policies for NTOS secure kernel and a child partition.pdf
2024-02-25 - Keylogging in the Windows kernel with undocumented data structures.pdf
2024-03-23 - Anti-Anti-Rootkit Techniques - Part I UnKovering mapped rootkits.pdf
2024-08-11 - Blocking EDR drivers with HVCIDisallowedimage.7z
2024-09-16 - Kernel ETW is the bestnbspETW.pdf
2024-09-20 - Anti-Anti-Rootkit Techniques - Part II Stomped Drivers and Hidden Threads.pdf