Explore >> Select a destination

You are here

 bruteratel.com
Exception Junction - Where All Exceptions Meet Their Handler | Brute Ratel C4
| | modexp.wordpress.com
Invoking System Calls and Windows Debugger Engine | modexp
3.7 parsecs away

Travel
| | Introduction Quick post about Windows System calls that I forgot about working on after the release of Dumpert by Cn33liz last year, which is described in this post. Typically, EDR and AV set hooks on Win32 API or NT wrapper functions to detect and mitigate against malicious activity. Dumpert attempts to bypass any user-level hooks...
| | mdanilor.github.io
[Cracking Windows Kernel with HEVD] Chapter 1: Will this driver ever crash?
6.1 parsecs away

Travel
| | A beginers guide into a Windows kernel stack overflow vulnerability from zero to advanced bypasses.
| | cocomelonc.github.io
Malware AV/VM evasion - part 16: WinAPI GetProcAddress implementation. Simple C++ example. - cocomelonc
3.4 parsecs away

Travel
| |
| | blog.xenoscr.net
Exploring Virtual Memory and Page Structures
36.2 parsecs away

Travel
| [AI summary] The user has provided a detailed explanation of how to resolve a virtual address to a physical address manually and using WinDbg, covering the 4-level page table structure in modern x86 processors. The explanation includes step-by-step calculations, bitmask operations, and WinDbg commands for each level of the page table. The user also mentions their intention to create a kernel driver and an application to analyze page tables and detect injected code based on a white paper.