unSafe.sh - Unsafe
Tapping into the potential of Memory Dump Emulation
This post summarizes some of the work I've been doin...
2024-1-27 08:0:0 | Views: 4
BlahCats - blahcat.github.io
bochscpu
memory
sess
windows
dmp
Section Objects as Kernel/User communication mode
I've recently decided to read cover to cover some Wi...
2023-4-4 08:0:0 | Views: 13
BlahCats - blahcat.github.io
pa
baseaddress
viewsize
pfn
pde
Install Hyper-V & Sandbox on Windows 10 Home
Contrary to what even Microsoft says, both Hyper-V...
2022-8-6 15:0:0 | Views: 18
blahcat.github.io
windows
systemroot
featurename
dism
Install Hyper-V & Sandbox on Windows 10/11 Home
Another lie, probably put in place from MS marketing...
2022-8-6 15:0:0 | Views: 10
blahcat.github.io
windows
microsoft
dism
servicing
systemroot
WinDbgX undocumented workspace options
How to use WinDbgX workspaces to make debugging even...
2022-7-17 15:0:0 | Views: 21
blahcat.github.io
workspaces
Setup KDCOM for 2 Hyper-V VMs
How to use Hyper-V to debug using KdCOM from 2 VMs,...
2022-7-14 15:0:0 | Views: 11
blahcat.github.io
kdcom
vmcomport
privileged
debugger
com1
Browsing the registry in kernel-mode
One of the Windows kernel subsystems I recently dug into is the Configuration Manager (CM), mostly b...
2021-01-11 12:45:00 | Views: 193
blahcat.github.io
subkeys
hmap
hives
machine
hhive
Browsing the registry in kernel-mode
One of the Windows kernel subsystems I recently dug into is the Configuration Manager (C...
2021-1-10 16:0:0 | Views: 19
blahcat.github.io
subkeys
hmap
hives
machine
hhive
Cheap sandboxing with AppContainers
Background: This is a short blog post that I decided to finish recently after looking for a way...
2020-12-30 10:49:00 | Views: 164
blahcat.github.io
nullptr
trustee
startupinfo
windows
Cheap sandboxing with AppContainers
Background: This is a short blog post that I decided to finish recently after lookin...
2020-12-29 16:0:0 | Views: 23
blahcat.github.io
nullptr
trustee
startupinfo
windows
Some toying with the Self-Reference PML4 Entry
Sometimes you read about a completely awesome exploitation technique, so you want t...
2020-6-15 15:0:0 | Views: 22
blahcat.github.io
pml4
windows
pa
0x1ed
pde
Some toying with the Self-Reference PML4 Entry
Sometimes you read about a completely awesome exploitation technique, so you want to go deeper....
2020-06-15 09:00:00 | Views: 169
blahcat.github.io
pml4
windows
pa
0x1ed
pde
Enumerating processes from KD
This is a tiny Post-It post to remind of different ways to enumerate processes from KD: using...
2020-05-24 11:40:00 | Views: 120
blahcat.github.io
debugger
Enumerating processes from KD
This is a tiny Post-It post to remind of different way...
2020-5-23 15:0:0 | Views: 13
blahcat.github.io
debugger
An unexpected logic bug on Win32k
The short version: The short version is that there's a small logic bug in user32!En...
2020-3-9 15:0:0 | Views: 34
blahcat.github.io
00000218
endtask
csrss
hwnd
csr
An unexpected logic bug on Win32k
The short version: The short version is that there’s a small logic bug in user32!EndTask() whi...
2020-03-09 09:00:00 | Views: 124
blahcat.github.io
00000218
endtask
csrss
hwnd
csr
Small dumps in the big pool
Or, on how to use the (Windows 10) new field _ETHREAD.ThreadName to stabilize kerne...
2019-3-17 15:0:0 | Views: 21
blahcat.github.io
windows
threadname
ethread
pooltag
Small dumps in the big pool
SetThreadDescription() as a way to allocate controlled kernel pools. Keeping on with experiment...
2019-03-17 09:00:00 | Views: 108
blahcat.github.io
threadname
windows
ethread
pooltag
Scripting with Windows Root Directory Object
Still on my way to learning the Windows kernel, I spend a considerable amount of time...
2019-1-30 16:0:0 | Views: 9
blahcat.github.io
alpc
windbg
lkd
winobj
Scripting with Windows Root Directory Object
Still on my way to learning the Windows kernel, I spend a considerable amount of time on WinDbg Pr...
2019-01-30 09:00:00 | Views: 97
blahcat.github.io
alpc
lkd
windbg
winobj