Read how we discovered and exploited several severe flaws in a security product’s kernel mode driver due to a lack of user mode input validation.
Posts TaggedExploitation
Living Off Windows Land – A New Native File “downldr”
A newly discovered LOLBin offers an alternative to certutil for helping adversaries download files from a remote server. Meet desktopimgdownldr.exe.