| I hacked a card printer software (CVE-2024-34329) |
|
|
|
| Dumping LSA secrets: a story about task decorrelation |
|
|
|
| Cache Me If You Can: Local Privilege Escalation in Zscaler Client Connector (CVE-2023-41973) |
|
|
|
| BatBadBut: You can't securely execute commands on Windows |
|
|
|
| A Practical Guide to PrintNightmare in 2024 |
|
|
|
| CVE-2024-20656 – Local Privilege Escalation in the VSStandardCollectorService150 Service |
|
|
|
| “Please do not make it public” - Vulnerabilities in Sogou Keyboard encryption expose keypresses to network eavesdropping |
|
|
|
| Lenovo Update Your Privileges |
|
|
|
| Poch, Poch, is this thing on? Bypass AMSI with Divide & Conquer |
|
|
|
| Performance, Diagnostics, and WMI |
|
|
|
| Process Mockingjay: Echoing RWX In Userland To Achieve Code Execution |
|
|
|
| Pulling SYSTEM out of Windows GINA |
|
|
|
| LocalPotato - When Swapping The Context Leads You To SYSTEM |
|
|
|
| Post-Exploitation: Abusing the KeePass Plugin Cache |
|
|
|
| Breaking Docker Named Pipes SYSTEMatically: Docker Desktop Privilege Escalation – Part 1 |
|
|
|
| Can't Wait to Shut You Down — Remote DoS Using Wininit.exe |
|
|
|
| Exploiting a Critical Spoofing Vulnerability in Windows CryptoAPI |
|
|
|
| Activation Context Cache Poisoning: Exploiting CSRSS For Privilege Escalation |
|
|
|
| Dissecting and Exploiting TCP/IP RCE Vulnerability “EvilESP” |
|
|
|
| You’ve Crossed the Line — Disturbing a Host’s Rest |
|
|
|
| Public Report – VPN by Google One Security Assessment |
|
|
|
| SysmonEoP |
|
|
|
| Control Your Types Or Get Pwned: Remote Code Execution In Exchange Powershell Backend |
|
|
|
| Relaying to AD Certificate Services over RPC |
|
|
|
| Every Signature is Broken: On the Insecurity of Microsoft Office’s OOXML Signatures |
|
|
|
writeups.xyz
/
Windows