Security research, CTF writeups, and more.
Featured
Porting the HEVD buffer overflow exploit to 64-bit Windows 8.1 and using ROP to bypass Supervisor Mode Execution Prevention.
Latest
Developing a kernel stack buffer overflow exploit against HackSysExtremeVulnerableDriver on 32-bit Windows 7 with token-stealing shellcode.
Guide to setting up both network and serial kernel debugging for Windows VMs in VMware Workstation Pro using WinDbg.
Setting up a kernel debugger, loading a driver into IDA, rebasing the text segment, and tracing IRPs through a live driver.
Building a driver that handles DeviceIoControl requests and exploring buffered, direct, and neither I/O methods.
How IRPs, IO Stack Locations, and dispatch functions work together to let user-mode applications communicate with kernel drivers.
Setting up a driver development environment in Visual Studio and writing a minimal kernel driver that loads and unloads.