Latest posts

Why So Syscalls? BOF Edition
Ibai Castells explains how moving from high level Windows APIs to lower level syscall usage alters what EDRs observe. It…

The Evolution of EDR Bypasses: A Historical Timeline
The relationship between Endpoint Detection and Response (EDR) solutions and bypass techniques represents one of cybersecurity's most dynamic battlegrounds. They…

Inside BadSuccessor: Privilege Escalation via dMSA in Windows Server 2025
Following our initial coverage of BadSuccessor, this technical breakdown dissects the inner workings of a critical privilege escalation vulnerability in…