WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. An OS Command Injection vulnerability was discovered in the `gerenciar_backup.php` endpoint of the WeGIA application. This vulnerability could allow an attacker to execute arbitrary code remotely. This issue has been addressed in version 3.2.14 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
#WINDOWS

Living Off The Land Payload Generator.

Think out of the box. This blog talks about computer security. Tutorials about buffer overflow, Active Directory, everything is explained with examples.

An advanced, low-level programmer's guide to Windows NT Kernel, Native API and drivers.

Get to know Windows 11, the Windows that brings you closer to what you love. News and features for people who use and are interested in Windows, including announcements from Microsoft and its partners. News and more about hardware products from Microso.

These are notes about all things focusing on, but not limited to, red teaming and offensive security.

The goal of the LOLBAS project is to document every binary, script, and library that can be used for Living Off The Land techniques.

Learn to safeguard your organization's AI with guidance and best practices from the industry leading Microsoft AI Red Team.

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers.

At this site, you can get a lot of free material. Indeed, this site exists primarily to supply you with free samples as a means of encouraging your attention.

Expert coverage on security matters such as zero trust, identity and access management, threat protection, information protection, and security management.

Build skills that open doors. See all you can do with documentation, hands-on training, and certifications to help you get the most from Microsoft products.

Deepen your security knowledge and gain a fundamental understanding of a variety of cybersecurity, identity, and compliance topics and best practices.

My name is Brandon Marshall (aka Marsh). I am currently working as an Offensive Security Researcher. A majority of my time is spent developing internal Red Team tooling, reverse engineering, and exploit creation.

The site for people who like to build Network Servers with CentOS, Ubuntu, Fedora, Debian, Windows Server.

This collection of Native API header files has been maintained since 2009 for the Process Hacker project, and is the most up-to-date set of Native API definitions that we know of. We have gathered these definitions from official Microsoft header files and symbol files, as well as a lot of reverse engineering and guessing. See phnt.h for more information.

Hacker, red teamer, researcher. Likes to write infosec-focussed Python tools. This is my personal blog containing research on topics I find interesting, such as (Azure) Active Directory internals, protocols and vulnerabilities.

Well, in this new book I will start to learn some Red Team topics, and I will work on learning as much as possible. I will try to keep this updated with newer things that I may find; I think this will help in my future projects. I am following the MITRE ATT&CK Framework and just adapting it to something for me to understand. I will make this public for anyone that wants to learn in this awesome field. If anything is wrong I will try my best to fix it.

Living Off The Land Drivers is a curated list of Windows drivers used by adversaries to bypass security controls and carry out attacks. The project helps security professionals stay informed and mitigate potential threats.

This project is aimed at providing technical guides on various hacking topics. The most advanced topics are Active Directory and Web services. Other topics will be added. The ultimate goal is to centralize all hacking techniques.

This is a cross-reference of the ReactOS source code produced using the excellent Doxygen package. It is refreshed on a daily basis.

MalAPI.io maps Windows APIs to common techniques used by malware.

Training services from Alex Ionescu and Yarden Shafir.

A tutorial website, we share Microsoft Windows Server, Linux Server, Firewalls, Cloud, Virtualization, and Networking related tutorials.

Take a look into the depths of Windows kernels and reveal more than 60000 undocumented structures.

The repository tries to gather information about Windows persistence mechanisms to make protection and detection more efficient. Most of the information has been well known for years and is actively used in various scenarios.

Combat in the kernel space - It's Pointy and it HURTS!

AMSI.fail generates obfuscated PowerShell snippets that break or disable AMSI for the current process. The snippets are randomly selected from a small pool of techniques/variations before being obfuscated. Every snippet is obfuscated at runtime/request so that no generated output shares the same signatures.

Extremely passionate about Windows exploit development, internals, C, Assembly, or anything low-level.

Get the latest information, insights, and news from Microsoft.