DKOM 3.0: Hiding and Hooking with Windows Extension Hosts |
INFILTRATE 2019
|
The Windows Notification Facility: Peeling the Onion of the Most Undocumented Kernel Attack Surface Yet |
Black Hat USA 2018
|
Unknown Known DLLs and other Code Integrity Trust Violations |
RECON MONTREAL 2018
|
Advancing the State of UEFI Bootkits: Persistence in the Age of PatchGuard and Windows 10 |
OffensiveCon 2018
|
Baby’s First Bounty: Lessons from bypassing Arbitrary Code Guard |
BlueHat v17
|
Fun with Sam: Inside the Surface Aggregator Module |
RECON MONTREAL 2017
|
Helium, Argon & Xenon: The Noble Gases of Windows Containers |
2017 SyScan360
|
Getting Physical with USB Type-C: Windows 10 RAM Forensics and UEFI Attacks |
RECON BRUSSELS 2017
|
Gaining Visibility into Linux Binaries on Windows - How to defend and understand WSL |
BlueHat v16
|
The Linux Kernel Hidden Inside Windows 10 |
Black Hat USA 2016
|