Search for Blog
Menu
Home
Speaking
Labs
Discord
About Me
Contact
Home
Speaking
Labs
Discord
About Me
Contact
Windows Internals
All posts tagged - Windows Internals
Jun 3, 2026
Offensive Security
Windows Internals
Malware
ComoDoS - Exploiting a Remote Kernel Vulnerability in Comodo Internet Security
Sometimes firewall stops attackers, sometimes attackers stop firewall. analyzing a zero-day vulnerability in Comodo Internet Security's Firewall driver.
Oct 24, 2025
Offensive Security
Windows Internals
Malware
Passively Downloading Malware Payloads Via Image Caching
Detailing an improved Cache Smuggling technique to turn 3rd party software into passive malware downloader.
Aug 27, 2024
Vulnerability Research
Windows Internals
CVE-2024-38063 - Remotely Exploiting The Kernel Via IPv6
Performing a root cause analysis & building proof-of-concept for CVE-2024-38063, a CVSS 9.8 Vulnerability In the Windows Kernel IPv6 Parser
Feb 13, 2024
Programming
Windows Internals
Malware
Bypassing EDRs With EDR-Preloading
Evading user mode EDR hooks by hijacking the AppVerifier layer
Dec 27, 2023
Programming
Windows Internals
Malware
Silly EDR Bypasses and Where To Find Them
Abusing exception handlers to hook and bypass user mode EDR hooks.
Dec 25, 2023
Programming
Windows Internals
Malware
An Introduction to Bypassing User Mode EDR Hooks
Understanding the basics of user mode EDR hooking, common bypass techniques, and their limitations.
Jul 22, 2015
Windows Internals
Windows 10 System Call Stub Changes
Mar 10, 2015
Analysis
Windows Internals
Malware
Bootkit Disk Forensics – Part 3
Mar 4, 2015
Analysis
Windows Internals
Malware
Bootkit Disk Forensics – Part 2
Feb 26, 2015
Analysis
Windows Internals
Malware
Bootkit Disk Forensics – Part 1
Nov 28, 2014
Explainers
Windows Internals
Virtual File Systems for Beginners
Feb 14, 2014
Explainers
Windows Internals
The 0x33 Segment Selector (Heavens Gate)