bohops bohops.com

A blog about cybersecurity research, education, and news

Abusing .NET Core CLR Diagnostic Features (+ CVE-2023-33127)
bohops.com·129w
No Alloc, No Problem: Leveraging Program Entry Points for Process Injection
bohops.com·153w
Investigating .NET CLR Usage Log Tampering Techniques For EDR Evasion (Part 2)
bohops.com·194w
Unmanaged Code Execution with .NET Dynamic PInvoke
bohops.com·215w
Analyzing and Detecting a VMTools Persistence Technique
bohops.com·240w
CVE-2021-0090: Intel Driver & Support Assistant (DSA) Elevation of Privilege (EoP)
bohops.com·249w
Abusing and Detecting LOLBIN Usage of .NET Development Mode Features
bohops.com·259w
Investigating .NET CLR Usage Log Tampering Techniques For EDR Evasion
bohops.com·269w
Exploring the WDAC Microsoft Recommended Block Rules (Part II): Wfc.exe, Fsi.exe, and FsiAnyCpu.exe
bohops.com·289w
Exploring the WDAC Microsoft Recommended Block Rules: VisualUiaVerifyNative
bohops.com·291w

Keyboard Shortcuts

Navigation

Next / previous item
j/k
Open post
oorEnter
Preview post
v

Post Actions

Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s

Recommendations

Add interest / feed
Enter
Not interested
x

Go to

Home
gh
Interests
gi
Feeds
gf
Likes
gl
History
gy
Changelog
gc
Settings
gs
Browse
gb
Search
/

General

Show this help
?
Submit feedback
!
Close modal / unfocus
Esc

Press ? anytime to show this help