News
Suspended threads in Windows 11 25h2 with VBS/HVCI
Check out our Technical Training Courses on Windows Kernel Exploitation --- Arbitrary Code Execution achieved in Windows 11 25h2 with VBS/HVCI present via a R/W data attack abusing suspended threads. Based on the...
Data Only attack using [Superfetch] + RDMSR Inf...
Windows Kernel data-only manipulation attacks with VBS/HVCI using Superfetch and L_STAR (rdmsr) for https://exploitpack.com User-mode and Kernel code runs in VTL0...
Data Only attack via Physical R/W and [CR3 Walk...
What is VBS/HVCI? VBS (Virtualization-based Security) and HVCI (Hypervisor-Protected Code Integrity) are Windows security features that use the CPU's virtualization to...
NTOSKrnlWalker - Interactive Kernel ROP walker
An interactive C++ console tool that uses dbghelp and pulls the PDB symbols from Microsoft for ntoskrnl.exe. Resolve kernel offsets,...
WDK 10.0.26100.0 GDT for Ghidra 12
WDK 10.0.26100.0 GDT for Ghidra 12 using clang preprocessing and sanitization so Ghidra’s parser accepts all kernel/CRT prototypes. Coming from...
Exploit Pack at No Hat conference (Italy)
Juan Sacco from Exploit Pack delivered a focused, hands-on workshop titled “Subverting the Windows Kernel with rootkits and exploits” at No Hat in Italy. The workshop focused on three primary exploit...