-
I get the script to run but it pops up UAC, so it doesn't get any elevated privileges.
I don't understand what IIS libraries I am supposed to install, could you please clarify that?
I also brie…
-
Hello, I am trying to reproduce the HEVD-Setup.
I am running two up-to-date systems (Win11 10.0.22631, x64) as host and target.
The debugger is WinDBG 1.2308.2002.0.
When I write the snapshot I ge…
-
When I paste in a Sigma rule all the YAML formatting is lost - it still converts fine, but the formatting is lost and makes it more difficult to read / edit.
For example, pasting this rule (https:/…
-
Hi hacksysteam,
After 3 long months, I could finally finish my [HEVD - TypeConfusion] exploit on the latest Windows 11 build (22621).
We covered a lot of important things such as:
* ROPchain
* …
-
Hey, I hope to get some insight into what I'm doing wrong. I am new to fuzzing and not very familiar with wtf and bochscpu.
From what I have hopefully understood correctly: bochscpu as a backend provid…
-
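Project Introduction
The life cycle of a Red Team attack. The entire life cycle includes:
information gathering, attack attempts to gain access, persistence, privilege escalation, network information gathering, lateral movement, data analysis (with further persistence built on that basis), and, after all attacks are finished, cleaning up and exiting the battlefield.
And a well-known blue team project: https://github.com/meitar/awesome-cybersecurity-blueteam
Another project dedicated to scanning and cracking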
…
-
Hi there!
Thanks for your great work!
I have two questions about `whv` if you can kindly answer them.
1. Can we directly manipulate memory using `whv`?
For example, for the current use of `hev…
-
Hi there, me again.
In order to insert a testcase, wtf uses `Backend_t::VirtWrite()`. If I understand it correctly, `wtf` writes to the next page if the size of the remaining test case is larger than `Page…
-
Hey again.
So I'm currently trying to fuzz some network packets in kernel and made the kernel hook and user application as similar as I could to your hevd example.
I thought I could just reuse the …
-
Hello! I am trying to do some debugging with WinDBG, and I need to trigger `BufferOverflowStackIoctlHandler`, but I can't get a handle to the device for some reason? I am using the latest HEVD and I h…