| Subverting Sysmon: Application of a Formalized Security Product Evasion Methodology |
Black Hat USA 2018
|
| A Process is No One: Hunting for Token Manipulation |
Black Hat Europe 2017
|
| "_____ Is Not a Security Boundary." Things I Have Learned and Things That Have Gotten Better from Researching Microsoft Software |
BlueHat v17
|