Insecure by Design Insecure by Design, Epic Games Peer-to-Peer Multiplayer Service The opinions expressed in this publication are those of the authors. They do not reflect the opinions or views of my employer. All research was conducted independently. As someone who
Security Research Defeating Macro Document Static Analysis with Pictures of My Cat Over the past few weeks I've spent some time learning Visual Basic for Applications (VBA), specifically for creating malicious Word documents to act as an initial stager. When taking operational
Security Research How to use Trend Micro's Rootkit Remover to Install a Rootkit The opinions expressed in this publication are those of the authors. They do not reflect the opinions or views of my employer. All research was conducted independently. For a recent
Security Research Several Critical Vulnerabilities on most HP machines running Windows I always have considered bloatware a unique attack surface. Instead of the vulnerability being introduced by the operating system, it is introduced by the manufacturer that you bought your machine
Insecure by Design Insecure by Design, Weaponizing Windows against User-Mode Anti-Cheats The market for cheating in video games has grown year after year, incentivizing game developers to implement stronger anti-cheat solutions. A significant number of game companies have taken a rather
Security Research Local Privilege Escalation on Dell machines running Windows In May, I published a blog post detailing a Remote Code Execution vulnerability in Dell SupportAssist. Since then, my research has continued and I have been finding more and more
Security Research Remote Code Execution on most Dell computers What computer do you use? Who made it? Have you ever thought about what came with your computer? When we think of Remote Code Execution (RCE) vulnerabilities in mass, we
Security Research Hacking College Admissions Getting into college is one of the more stressful times of a high school student's life. Since the admissions process can be quite subjective, students have to consider a variety
Security Research Reversing the CyberPatriot National Competition Scoring Engine Edit 4/12/2019: Originally, I published this post a month ago. After my post, I received a kind email from one of the primary developers for CyberPatriot asking that I
Security Research Reading Physical Memory using Carbon Black's Endpoint driver Enterprises rely on endpoint security software in order to secure machines that have access to the enterprise network. Usually considered the next step in the evolution of anti-virus solutions, endpoint