DirtyCred Remastered: how to turn an UAF into Privilege Escalation

A Primer on Process Reparenting in Windows. Process reparenting is a technique used in Microsoft Windows to create a child process under a different parent process than the one making the call to CreateProcess. Malicious actors can use this technique to evade…

A crypto-core (also called crypto-accelerator) is a dedicated piece of hardware inside the System-on-Chip. Its main role is to 'accelerate' cryptographic

As part of the second edition of Windows Kernel Programming, I’m working on chapter 13 to describe the basics of the Windows Filtering Platform (WFP). The chapter will focus mostly on kernel-…

Incident Response Methodologies 2022. Contribute to certsocietegenerale/IRM development by creating an account on GitHub.

More than two years ago, a researcher, A2nkF demonstrated the exploit chain from root privilege escalation to SIP-Bypass up to arbitrary kernel extension loading. In this blog entry, we will discuss how we discovered 3 more vulnerabilities from the old exploit…

In this blog post, we present new techniques for recovering the NTLM hash from an encrypted credential protected by Windows Defender…

Earlier this year, I discovered a flaw in XNU, which is the kernel that Apple uses on both macOS and iOS. While it's not a particularly complicated flaw, I wanted to explain how I discovered it and how it works, both so that I can motivate others and so that…

CVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation via DKOM - kkent030315/CVE-2022-42046

Hey readers, hope everyone is having a good time. Once again I decided to write blogs for the community on topics I stumble upon. I hope…

(A Script that Solicits GPT-3 for Comments on Decompiled Code)

Page Cache and basic file operations # Last updated: Oct 2025 Contents
File reads Reading files with read() syscall Reading files with mmap() syscall File writes Writing to files with write() syscall File writes with mmap() syscall Dirty pages Synchronize…

In part four of our ELF 101 blog series, we explain the dynamic linking process, including its purpose, how it works and the different linking modes.

In our previous post, we focused on understanding the relationship between sections and segments, which serve as the foundation for understanding the ELF file format.

Welcome to the third and final installment of the “Chrome Browser Exploitation” series. The main objective of this series has been to provide an introduction to browser internals and delve into the topic of Chrome browser exploitation on Windows in greater…

Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689. - ginsudev/WDBFontOverwrite

This post is part of Intezers blog series about executable and linkable formats. In this post, we will introduce the concept of ELF relocations and their relationship with symbols. Later we will explain more advanced concepts, such as dynamic linking.