Software Engineering and Security Research| Connor McGarr’s Blog
Examining the interface by which NT requests the services of SK through the SkBridge project
Analysis of NT, Secure Kernel, and SKCI working together to create the initial SECURE_IMAGE object
Dealing with Virtualization-Based Security (VBS), Hypervisor-Protected Code Integrity (HVCI), and Kernel Control Flow Guard (kCFG).
Porting part 2's ChakraCore exploit to Microsoft Edge while defeating ASLR, DEP, CFG, ACG, CIG, and other mitigations.
Leveraging ChakraCore to convert our denial-of-service from part 1 into a read/write primitive and functioning exploit.
End-to-end 'modern' browser exploitation on Windows beginning with configuring a browser exploitation environment, exploring JavaScript intrinsics, and understanding type confusion vulnerabilities.
Examining recent changes to a highly-abused static structure, KUSER_SHARED_DATA, and its exploitation impact.
Combining part 1's information leak vulnerability with a pool overflow vulnerability to obtain code execution via grooming the kLFH
Leveraging the HackSysExtreme Vulnerable Driver to understand the Windows kernel pool, the impacts of kLFH, and bypassing kASLR from low integrity via out-of-bounds read vulnerabilities.
Using SourcePoint's JTAG debugger to investigate the implementation of Intel CET Shadow Stacks in kernel-mode on Windows