Windows Internals: Dissecting Secure Image Objects - Part 1
Analysis of NT, Secure Kernel, and SKCI working together to create the initial SECURE_IMAGE object
Recent posts
Exploit Development: No Code Execution? No Problem! Living The Age of VBS, HVCI, and Kernel CFG
Dealing with Virtualization-Based Security (VBS), Hypervisor-Protected Code Integrity (HVCI), and Kernel Control Flow Guard (kCFG).
Exploit Development: Browser Exploitation on Windows - CVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 3)
Porting part 2’s ChakraCore exploit to Microsoft Edge while defeating ASLR, DEP, CFG, ACG, CIG, and other mitigations.
Exploit Development: Browser Exploitation on Windows - CVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 2)
Leveraging ChakraCore to convert our denial-of-service from part 1 into a read/write primtive and functioning exploit.
Exploit Development: Browser Exploitation on Windows - CVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 1)
End-to-end ‘modern’ browser exploitation on Windows beginning with configuring a browser exploitation environment, exploring JavaScript intrinsics, and under...