👨🏻‍💻 About me:

I am an experienced security researcher who has worked in various cybersecurity roles. My main interests are OS internals, reverse engineering, kernel development and exploit development. In my free time, I am working on projects regarding evasion, persistence, and injection methods for UEFI, kernel, and user mode. Based on these, I publish educational papers and presents talks to give back to the cybersecurity community.

📧 Feel free to contact me viaTwitter,Telegram ormail regarding any of my projects or publications.

💭 Currently working on:

• New projects

• New papers

• New talks

🌐 My blog posts:

• Lord Of The Ring0

• timeout /t 31 && start evil.exe

• Rust101 - Building a ransomware

• The good, the bad and the stomped function

• UdpInspector - Getting active UDP connections without sniffing

🗣️ Talks:

• Kernel Games: The Ballad of Offense & Defense - X33fCon 2024
• (Lady|)Lord Of The Ring0 - BSidesTLV 2023

⚒️ Programming Languages ⚒️

                        

PinnedLoading

1. NidhoggNidhoggPublic

   Nidhogg is an all-in-one simple to use windows kernel rootkit.

   C++ 1.9k 281

2. SandmanSandmanPublic

   Sandman is a NTP based backdoor for red team engagements in hardened networks.

   C# 783 107

3. FunctionStompingFunctionStompingPublic

   Shellcode injection technique. Given as C++ header, standalone Rust program or library.

   Rust 695 95

4. CronosCronosPublic

   PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.

   C 577 62

5. VenomVenomPublic

   Venom is a library that meant to perform evasive communication using stolen browser socket

   C++ 375 56

6. JormungandrJormungandrPublic

   Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.

   C++ 229 27