Component Engineering: Automatic Evasive API Hashing

Building an automated API hashing tool as a sub-component of the APT simulation framework — using Extreme Programming to iterate from JSON config parsing through stub generation, compilation, and VirusTotal submission.

Apr 14, 2026 MalwareDevelopment, FeebleDream

CVE-2025-60419: Driver-induced Denial of Service via IOCTL handling

CVE-2025-60419 — a null-pointer dereference DoS in RtkIOAC60.sys triggered by sending an empty IRP buffer to IOCTL_NDISPROT_SET_EVENT, with full PoC.

Oct 24, 2025 Research, VulnerabilityHunting

Playing with RPCs to eventually exploit it

Exploring Windows RPC interfaces in Winlogon.exe — hunting misconfigured security callbacks, tracing dispatch tables via dynamic and static analysis, and finding DoS primitives.

Oct 1, 2025 Research, VulnerabilityHunting

Adding Kernel Primitives and Information Gathering: FeebleDream development PT-2

FeebleDream v3.0 PT-2: implementing the IOCTL dispatch wrapper for kernel primitives (sKPE) and a COM-based system information gathering module.

Sep 15, 2025 MalwareDevelopment, FeebleDream

IOMMU Bypass: Finding Potential Misconfiguration

Investigating IOMMU misconfiguration as an avenue to exploit a PCI Configuration Space R/W primitive — dumping ACPI DMAR tables and scanning reserved memory regions.

Sep 14, 2025 Research, KernelExploitation

Making THE Malware: FeebleDream development

FeebleDream v3.0 development log: building a structured logging system and a resilient driver-loading module with service management.

Sep 14, 2025 MalwareDevelopment, FeebleDream

Expanding the Hunting Horizons using RIP Manipulation

Using RIP register manipulation via an MSR R/W vulnerability to force hidden drivers to expose their devices — methodology, observations, and findings.

Sep 5, 2025 Research, KernelExploitation