Interesting links from the intertubes

20250617

• Junk Code Engines for Polymorphic Malware

20250325

• Windows Kernel Pool Memory
• Kernel Callback Removal
• CimFS: Crashing in memory, Finding SYSTEM (Kernel Edition)

20250318

• Beyond the Hook: A Technical Deep Dive into Modern Phishing Methodologies

20250317

• STAR Labs Windows Exploitation Challenge 2025 Writeup

20250311

• Hacking the Xbox 360 Hypervisor Part 1: System Overview
• Hacking the Xbox 360 Hypervisor Part 2: The Bad Update Exploit
• LSA Secrets: revisiting secretsdump

20250306

• ROP Decoder

20250305

• Physmem E: When Kernel Drivers Peek Into Memory
• Red Team Tactics: Combining Direct System Calls and SRDI to Bypass AV/EDR
• Structured Exception Handler x64
• Windows Access Tokens
• How to Write a Local PE Loader from Scratch for Educational Purposes
• Voidgate: How to Execute Shellcode While Keeping It Encrypted
• Hardware Breakpoints
• A Different Take on DLL Hijacking
• Using Syscalls Directly from Visual Studio to Bypass AVs/EDRs
• Living Dangerously with Module Stomping: Leveraging Code Coverage Analysis for Injecting into Legitimately Loaded DLLs
• Kernel Driver Exploit: System Mechanic