.Astral has been fuzzing HyperV and we've just released his write up and tooling labs.mwrinfosecurity.com/blog/ventures-…

Want to know the details of Windows embedded Authenticode signatures? Maybe how one can do digital signature checks from a KM driver and the pain of bcrypt. Check out astralvx.com/index.php/2020…

Interested in ACL, ACEs, SecurityDescriptor, SIDs implementation in the kernel and how one can use them in a driver. astralvx.com/access-checks-…

Interested in how the Windows Kernel PNP Manager enumerates PCI devices and how it finds existing SYS/INF files or loads new ones? astralvx.com/pnp-manager-de…

Check out the all DEF CON 28 badge challenges write-up. A wild ride from audio processing, oscilloscopes, dial tones, Ghost busters, Commodre 64, to many ciphers, trap doors, trivia, and rabbit holes. astralvx.com/def-con-28-bad… DEF CON

Never assume ExAllocatePoolWithTag() will succeed like so many devs do. One of the rare cases where my system ran out of kernel NonPagedPool from too many allocations.

Want to know how you attack the kernel via DMA? How the PCIe bus works, how the packets are structured, how IOMMU and DMA protection blocks you? astralvx.com/dma-explained/

To Windows driver devs - the commonly used ExAllocatePoolWithTag() offered since Windows 2000 is now deprecated 😅 and we have to use ExAllocatePool2(). docs.microsoft.com/en-us/windows-…

Did you know you can build and debug 16-bit Real Mode assembly in Windows with QEMU? Check out my blog to find out more and relive the DOS and BIOS interrupts days 😅 astralvx.com/debugging-16-b…

Check out this deep dive introduction to PCIe devices/specifications/Config Address Space/BARs/interrupts/2 bit encoding/Link level encryption, and how they’re used in the Windows OS. astralvx.com/introduction-t…