Ibai Castells

Dimly lit computer in a dark room, evoking hidden threats and reduced visibility.

Why So Syscalls? BOF Edition

Ibai Castells explains how moving from high level Windows APIs to lower level syscall usage alters what EDRs observe. It…

Close-up of a mechanical keyboard with red-lit keys, symbolizing offensive cybersecurity activity.

The Evolution of EDR Bypasses: A Historical Timeline

The relationship between Endpoint Detection and Response (EDR) solutions and bypass techniques represents one of cybersecurity's most dynamic battlegrounds. They…

Inside BadSuccessor: Privilege Escalation via dMSA in Windows Server 2025

Following our initial coverage of BadSuccessor, this technical breakdown dissects the inner workings of a critical privilege escalation vulnerability in…

Latest posts