Vulnerability research, technical write-ups, and insights from the field.
We reverse-engineered a signed anti-cheat kernel driver and discovered an IOCTL vulnerability that enables arbitrary process termination, including PPL-protected processes like Windows Defender and EDR agents.
Read more →How we found a critical XML External Entity vulnerability in a SAML-based SSO login portal, escalated from blind XXE to out-of-band file exfiltration, and achieved sensitive file read on the server.
Read more →