News
Juan Sacco, founder of Exploit Pack at No Hat c...
Juan Sacco from Exploit Pack delivered a focused, hands-on workshop titled “Subverting the Windows Kernel with rootkits and exploits” at No Hat in Italy. The workshop was strictly technical: practical tools...
0-Day MSR Kernel Exploit for Windows 11 25H2
New 0-day Windows Kernel Exploit, working in Windows 11 25H2 fully patched. It took me 2 weeks of endless coffee cups! MSRs control where the CPU jumps for privileged transitions, they...
Driver Buddy Revolutions for IDA
Driver Buddy Revolutions is an IDA Pro plugin that automates common Windows kernel driver research. Author: Juan Sacco What it does: 1. IOCTL enumeration and scoring Scans the driver’s code...
Driver Buddy Revolutions for Ghidra
ghidra_vuln_finder.py is a Ghidra analysis script (based on DriverBuddy) that performs automated static reconnaissance on Windows kernel drivers. It scans the driver for common build patterns and interesting functions, decodes...
WinDBG Plugin for Windows Kernel Exploitation.
This WinDBG Plugin traps and logs the IOCTLs in real time from the target driver/module, sets a breakpoint on IRP_MJ_DEVICE_CONTROL to break or pass, and once you trigger the IOCTL from...
Subverting the Windows Kernel with exploits and...
At BSides Frankfurt, Juan Sacco (Founder & Lead Developer, Exploit Pack) delivered a deep, technical session on Windows kernel exploitation and driver weaknesses. Juan walked the audience through the journey...