Understanding Path Resolution in Windows for Vulberability Research & Exploit Development.. Going beyong the traditional content :)
Just wanted to understand what they are, How they work, How to write such drivers, How they are different from the legacy drivers etc etc.
This blog post is on Callback Registration Mechanisms, where we will be talking more about its internals rather than just covering the already well-known callback routines.
DPCs are a mechanism that allows code running at a high interrupt request level (IRQL) to defer execution of lower-priority work until the processor returns to a lower IRQL.
I had no idea what they were, since I had never heard of them before. I remember reading those posts multiple times (I swear!), diving through MSDN, checking a few Stack exchange pages, and eventually managing to grasp how they worked.
This blog post is on HalDispatchTable, where we will be talking more about its internals instead of just saying “Oh, it’s part of the Hardware Abstraction Layer that deals with hardware stuff” and moving on, we’re going deeper
Following up on my previous post about the role of RFCs in vulnerability research, I thought it would be nice to explore IOCTLs, a crucial element in vulnerability research, exploit development, and reverse engineering Windows drivers.
After my previous posts about RFCs in 0-day research, I thought it would be great to shift the focus to N-day research.
But as the title suggests, this post is all about the importance of understanding RFCs, especially if you’re diving into vulnerability research.
I thought of creating a shellcode loader which upon executing will make a connection to my server, downloads the shellcode and executes it.
In this blog, we will be going through on how to setup Constrained Delegation lab.
So, You want to be a red teamer? Then You have to create your small Active Directory Home Lab right now!