News

Unsigned drivers loading on Windows 11 25H2 (fully patched) by exploiting Kernel R/W primitives

Unsigned drivers loading on Windows 11 25H2 (fu...

Check out our Technical Training Courses on Windows Kernel Exploitation --- After having developed working exploits for physical r/w (ZwMapViewOfSection) and r/w through MSR (L_STAR) for Windows 11 25H2, I decided...

Unsigned drivers loading on Windows 11 25H2 (fu...

Check out our Technical Training Courses on Windows Kernel Exploitation --- After having developed working exploits for physical r/w (ZwMapViewOfSection) and r/w through MSR (L_STAR) for Windows 11 25H2, I decided...

Juan Sacco, founder of Exploit Pack at No Hat conference (Italy)

Juan Sacco, founder of Exploit Pack at No Hat c...

Juan Sacco from Exploit Pack delivered a focused, hands-on workshop titled “Subverting the Windows Kernel with rootkits and exploits” at No Hat in Italy. The workshop was strictly technical: practical tools...

Juan Sacco, founder of Exploit Pack at No Hat c...

Juan Sacco from Exploit Pack delivered a focused, hands-on workshop titled “Subverting the Windows Kernel with rootkits and exploits” at No Hat in Italy. The workshop was strictly technical: practical tools...

0-Day MSR Kernel Exploit for Windows 11 25H2

0-Day MSR Kernel Exploit for Windows 11 25H2

Check out our Technical Training Courses on Windows Kernel Exploitation --- New 0-day Windows Kernel Exploit, working in Windows 11 25h2 fully patched.It took me 2 weeks of endless coffee cups! MSRs...

0-Day MSR Kernel Exploit for Windows 11 25H2

Check out our Technical Training Courses on Windows Kernel Exploitation --- New 0-day Windows Kernel Exploit, working in Windows 11 25h2 fully patched.It took me 2 weeks of endless coffee cups! MSRs...

Driver Buddy Revolutions for IDA

Driver Buddy Revolutions for IDA

Check out our Technical Training Courses on Windows Kernel Exploitation --- Driver Buddy Revolutions is an IDA Pro plugin that automates common Windows kernel driver research. Author: Juan Sacco What it...

Driver Buddy Revolutions for IDA

Check out our Technical Training Courses on Windows Kernel Exploitation --- Driver Buddy Revolutions is an IDA Pro plugin that automates common Windows kernel driver research. Author: Juan Sacco What it...

Driver Buddy Revolutions for Ghidra

Driver Buddy Revolutions for Ghidra

Check out our Technical Training Courses on Windows Kernel Exploitation --- ghidra_vuln_finder.py is a Ghidra analysis script (based on DriverBuddy) that performs automated static reconnaissance on Windows kernel drivers. It scans...

Driver Buddy Revolutions for Ghidra

Check out our Technical Training Courses on Windows Kernel Exploitation --- ghidra_vuln_finder.py is a Ghidra analysis script (based on DriverBuddy) that performs automated static reconnaissance on Windows kernel drivers. It scans...

WinDBG Plugin for Windows Kernel Exploitation.

WinDBG Plugin for Windows Kernel Exploitation.

Check out our Technical Training Courses on Windows Kernel Exploitation --- This WinDBG Plugin traps and logs the IOCTLs on real-time from the target driver/module, sets a breakpoint into IRP_MJ_DEVICE_CONTROL to...

WinDBG Plugin for Windows Kernel Exploitation.

Check out our Technical Training Courses on Windows Kernel Exploitation --- This WinDBG Plugin traps and logs the IOCTLs on real-time from the target driver/module, sets a breakpoint into IRP_MJ_DEVICE_CONTROL to...

Technical Training