Kernel Mode

Name	Size	Modified
Go up	—	—
2014-02-06 - Hide process with DKOM without hard coded offsets.txt	5.2 KiB	09/17/2023 04:46:49 PM +00:00
2015-04-06 - Hiding loaded driver with DKOM.txt	2.3 KiB	09/17/2023 04:46:56 PM +00:00
2020-01-31 - DKOM - Now with Symbolic Links.pdf	688 KiB	12/20/2023 02:57:20 PM +00:00
2020-05-18 - How to use Trend Micro's Rootkit Remover to Install a Rootkit.pdf	719 KiB	09/17/2023 04:47:36 PM +00:00
2020-08-02 - Removing Kernel Callbacks Using Signed Drivers.7z	422 KiB	09/17/2023 04:47:16 PM +00:00
2020-08-15 - SassyKitdi Kernel Mode TCP Sockets LSASS Dump.pdf	310 KiB	04/27/2025 11:15:12 PM +00:00
2021-01-09 - Heresys Gate Kernel ZwNTDLL Scraping and Work Out Ring 0 to Ring 3 via Worker Factories.pdf	442 KiB	09/17/2023 04:47:02 PM +00:00
2022-01-01 - HyperGuard Secure Kernel Patch Guard Part 1 SKPG Initialization.pdf	1.4 MiB	12/20/2023 02:57:26 PM +00:00
2022-01-11 - Signed Kernal Drivers - Unguarded Gateway to Windows Core.pdf	1.4 MiB	09/17/2023 04:47:42 PM +00:00
2022-01-15 - Demonstrating EAT hooking from Kernel space.7z	102 KiB	09/17/2023 04:47:46 PM +00:00
2022-02-04 - KCTHIJACK - KernelCallbackTable Hijack.zip	2.9 MiB	09/17/2023 04:49:28 PM +00:00
2022-02-17 - HyperGuard Secure Kernel Patch Guard Part 2 SKPG Extents.pdf	858 KiB	12/20/2023 02:57:27 PM +00:00
2022-03-24 - Manipulating LastWriteTime without leaving traces in the NTFS USN Journal.pdf	106 KiB	09/17/2023 04:48:23 PM +00:00
2022-04-19 - HyperGuard Part 3 More SKPG Extents.pdf	1.1 MiB	12/20/2023 02:57:27 PM +00:00
2022-07-14 - Lord Of The Ring0 - Part 1 Introduction.pdf	163 KiB	09/17/2023 04:48:00 PM +00:00
2022-08-04 - Lord Of The Ring0 - Part 2 A tale of routines IOCTLs and IRPs.pdf	368 KiB	09/17/2023 04:48:05 PM +00:00
2022-09-05 - DirectX and HyperV - An Offensive View.pdf	9.6 MiB	09/17/2023 04:48:12 PM +00:00
2022-10-18 - Fantastic Rootkits And Where to Find Them Part 1.pdf	937 KiB	09/17/2023 04:48:16 PM +00:00
2022-10-30 - Lord Of The Ring0 - Part 3 Sailing to the land of the user and debugging the ship.pdf	181 KiB	09/17/2023 04:48:19 PM +00:00
2022-12-29 - Bootkitting Windows Sandbox.pdf	306 KiB	09/17/2023 04:48:22 PM +00:00
2022-12-30 - Code Execution against Windows HVCI.pdf	680 KiB	09/17/2023 04:48:26 PM +00:00
2023-02-24 - Lord Of The Ring0 - Part 4 The call back home.pdf	413 KiB	09/17/2023 04:48:32 PM +00:00
2023-05-04 - Fantastic Rootkits and Where to Find Them Part 2.pdf	3.1 MiB	09/17/2023 04:48:40 PM +00:00
2023-06-05 - Terminator - Demonstrating how to kill EDR processes using a driver.zip	98 KiB	09/17/2023 04:48:43 PM +00:00
2023-07-01 - Demonstrating a Rust based Bootkit.zip	1.6 MiB	09/11/2023 02:56:42 PM +00:00
2023-07-29 - Lord Of The Ring0 - Part 5 Sarumans Manipulation.pdf	651 KiB	09/12/2023 01:17:17 AM +00:00
2023-09-15 - Hypervisor Detection with SystemHypervisorDetailInformation.pdf	443 KiB	04/09/2024 02:19:26 PM +00:00
2024-02-06 - Exploiting a vulnerable Minifilter driver to create a process killer.7z	112 KiB	02/10/2024 09:13:35 PM +00:00
2024-02-12 - Hypervisor enforced security policies for NTOS secure kernel and a child partition.pdf	666 KiB	02/13/2024 05:18:05 AM +00:00
2024-02-25 - Keylogging in the Windows kernel with undocumented data structures.pdf	1.1 MiB	03/19/2024 10:37:03 PM +00:00
2024-03-23 - Anti-Anti-Rootkit Techniques - Part I UnKovering mapped rootkits.pdf	1.1 MiB	03/28/2024 10:53:13 PM +00:00
2024-08-11 - Blocking EDR drivers with HVCIDisallowedimage.7z	424 KiB	09/04/2024 03:55:26 AM +00:00
2024-09-16 - Kernel ETW is the bestnbspETW.pdf	812 KiB	11/13/2024 03:43:51 AM +00:00
2024-09-20 - Anti-Anti-Rootkit Techniques - Part II Stomped Drivers and Hidden Threads.pdf	916 KiB	11/13/2024 03:42:50 AM +00:00
2025-07-15 - Weaponizing Windows Drivers A Hackers Guide for Beginners.pdf	6.6 MiB	09/11/2025 10:55:05 AM +00:00
2025-08-15 - Driver Reverse Engineering 101.pdf	707 KiB	09/11/2025 10:55:05 AM +00:00
2025-08-24 - Hyper-V utility LiveCloudKd evolution and architecture technical analysis.pdf	3.0 MiB	09/08/2025 02:08:17 PM +00:00