EDK2
EFI
PE
UEFI
anti-cheats
- Hiding execution of unsigned code in system threads
- BattlEye client emulation
- Cracking BattlEye packet encryption
- Why anti-cheat software utilize kernel drivers
- How Escape from Tarkov ensures game integrity
- How anti-cheats detect system emulation
- CVEAC-2020: Bypassing EasyAntiCheat integrity checks
- BattlEye reverse engineer tracking
- Bypassing BattlEye from user-mode
- BattlEye communication hook
- BattlEye hypervisor detection
- BattlEye single stepping
- BattlEye stack walking
- BattlEye shellcode updates
- BattlEye anti-cheat: analysis and mitigation
anti-debug
automation
battleye
- BattlEye client emulation
- Cracking BattlEye packet encryption
- How Escape from Tarkov ensures game integrity
- How anti-cheats detect system emulation
- BattlEye reverse engineer tracking
- Bypassing BattlEye from user-mode
- BattlEye communication hook
- BattlEye hypervisor detection
- BattlEye single stepping
- BattlEye stack walking
- BattlEye shellcode updates
- BattlEye anti-cheat: analysis and mitigation
binary-exploitation
blue-pill
- Hypervisors for Memory Introspection and Reverse Engineering
memN0ps in
hypervisors,
memory-introspection,
reverse-engineering,
windows,
uefi,
kernel,
blue-pill,
bootkit,
rootkit,
intel,
vt-x,
rust,
virtualization
bootkit
- Hypervisors for Memory Introspection and Reverse Engineering
memN0ps in
hypervisors,
memory-introspection,
reverse-engineering,
windows,
uefi,
kernel,
blue-pill,
bootkit,
rootkit,
intel,
vt-x,
rust,
virtualization - Bootkitting Windows Sandbox
bug bounty
burp-suite
cryptography
csgo
ctf
debugging
drm
dropbox
easy-anti-cheat
eft
exploit
fuzzing
game-exploitation
game-hacking
gatekeeper
guest
hypervisors
- Hypervisors for Memory Introspection and Reverse Engineering
memN0ps in
hypervisors,
memory-introspection,
reverse-engineering,
windows,
uefi,
kernel,
blue-pill,
bootkit,
rootkit,
intel,
vt-x,
rust,
virtualization - How anti-cheats detect system emulation
intel
- Hypervisors for Memory Introspection and Reverse Engineering
memN0ps in
hypervisors,
memory-introspection,
reverse-engineering,
windows,
uefi,
kernel,
blue-pill,
bootkit,
rootkit,
intel,
vt-x,
rust,
virtualization
kernel
- Hypervisors for Memory Introspection and Reverse Engineering
memN0ps in
hypervisors,
memory-introspection,
reverse-engineering,
windows,
uefi,
kernel,
blue-pill,
bootkit,
rootkit,
intel,
vt-x,
rust,
virtualization - Hiding execution of unsigned code in system threads
lifting
llvm
macos
memory-corruption
memory-introspection
- Hypervisors for Memory Introspection and Reverse Engineering
memN0ps in
hypervisors,
memory-introspection,
reverse-engineering,
windows,
uefi,
kernel,
blue-pill,
bootkit,
rootkit,
intel,
vt-x,
rust,
virtualization
obfuscation
pwn
reverse-engineering
- Hypervisors for Memory Introspection and Reverse Engineering
memN0ps in
hypervisors,
memory-introspection,
reverse-engineering,
windows,
uefi,
kernel,
blue-pill,
bootkit,
rootkit,
intel,
vt-x,
rust,
virtualization - How Runescape catches botters, and why they didn't catch me
- BattlEye client emulation
- Cracking BattlEye packet encryption
- Abusing DComposition to render on external windows
- Why anti-cheats block overclocking tools
- How Escape from Tarkov ensures game integrity
- How anti-cheats detect system emulation
- Kernel debugging in seconds with Vagrant
- BattlEye reverse engineer tracking
- Bypassing BattlEye from user-mode
- BattlEye communication hook
- BattlEye hypervisor detection
- BattlEye single stepping
- BattlEye stack walking
- BattlEye shellcode updates
- Bypassing kernel function pointer integrity checks
- Hooking the graphics kernel subsystem
- Exam surveillance - the return. (ExamCookie)
- The nadir of surveillance (Den Digitale Prøvevagt)
- BattlEye anti-cheat: analysis and mitigation
- Reverse engineering 'Black Desert Online' (2. Speed -> local entity)
- Reverse engineering 'Black Desert Online' (1. Preface)
rootkit
- Hypervisors for Memory Introspection and Reverse Engineering
memN0ps in
hypervisors,
memory-introspection,
reverse-engineering,
windows,
uefi,
kernel,
blue-pill,
bootkit,
rootkit,
intel,
vt-x,
rust,
virtualization
rust
- Hypervisors for Memory Introspection and Reverse Engineering
memN0ps in
hypervisors,
memory-introspection,
reverse-engineering,
windows,
uefi,
kernel,
blue-pill,
bootkit,
rootkit,
intel,
vt-x,
rust,
virtualization
security-bypass
source-engine
synthesis
tpm
uefi
- Hypervisors for Memory Introspection and Reverse Engineering
memN0ps in
hypervisors,
memory-introspection,
reverse-engineering,
windows,
uefi,
kernel,
blue-pill,
bootkit,
rootkit,
intel,
vt-x,
rust,
virtualization
virtualization
- Hypervisors for Memory Introspection and Reverse Engineering
memN0ps in
hypervisors,
memory-introspection,
reverse-engineering,
windows,
uefi,
kernel,
blue-pill,
bootkit,
rootkit,
intel,
vt-x,
rust,
virtualization
visual-studio
vmprotect
vt-x
- Hypervisors for Memory Introspection and Reverse Engineering
memN0ps in
hypervisors,
memory-introspection,
reverse-engineering,
windows,
uefi,
kernel,
blue-pill,
bootkit,
rootkit,
intel,
vt-x,
rust,
virtualization
windows
- Hypervisors for Memory Introspection and Reverse Engineering
memN0ps in
hypervisors,
memory-introspection,
reverse-engineering,
windows,
uefi,
kernel,
blue-pill,
bootkit,
rootkit,
intel,
vt-x,
rust,
virtualization - RISC-Y Business: Raging against the reduced machine
- Abusing undocumented features to spoof PE section headers
- Bootkitting Windows Sandbox
- Windows 11: TPMs and Digital Sovereignty
- Preventing memory inspection on Windows
- BitLocker touch-device lockscreen bypass
- Process on a diet: anti-debug using job objects
- BitLocker Lockscreen bypass
- Hiding execution of unsigned code in system threads
- New year, new anti-debug: Don't Thread On Me
- Windows Telemetry service elevation of privilege
- Abusing DComposition to render on external windows
- Why anti-cheats block overclocking tools
- From directory deletion to SYSTEM shell
- Kernel debugging in seconds with Vagrant
- Bypassing kernel function pointer integrity checks
- Hooking the graphics kernel subsystem