Debugging Windows Isolated User Mode (IUM) Processes https://blog.quarkslab.com/debugging-windows-isolated-user-mode-ium-processes.html
Exploit Equivalence Classes https://blog.isosceles.com/exploit-equivalence-classes/
Finding Deserialization Bugs in the Solarwind Platform https://www.zerodayinitiative.com/blog/2023/9/21/finding-deserialization-bugs-in-the-solarwind-platform
DNSWatch - DNS Traffic Sniffer and Analyzer https://www.kitploit.com/2023/08/dnswatch-dns-traffic-sniffer-and.html?m=1
(Tool) Garble: Obfuscate Go builds https://github.com/burrowers/garble
CrackMapExec: A swiss army knife for pentesting networks https://github.com/mpgn/CrackMapExec
CVE-2023-38146: Arbitrary Code Execution via Windows Themes https://exploits.forsale/themebleed/
How Microsoft had its signing key compromised: Results of Major Technical Investigations for Storm-0558 Key Acquisition https://msrc.microsoft.com/blog/2023/09/results-of-major-technical-investigations-for-storm-0558-key-acquisition/
Flax Typhoon using legitimate software to quietly access Taiwanese organizations https://www.microsoft.com/en-us/security/blog/2023/08/24/flax-typhoon-using-legitimate-software-to-quietly-access-taiwanese-organizations/
Fully Integrated Adversarial Operations Toolkit (C2, stagers, agents, ephemeral infrastructure, phishing engine, and automation) https://github.com/malcomvetter/Periscope
Exploring Impersonation through the Named Pipe Filesystem Driver https://jsecurity101.medium.com/exploring-impersonation-through-the-named-pipe-filesystem-driver-15f324dfbaf2
DHS: Ransomware attackers headed for second most profitable year https://therecord.media/dhs-ransomware-headed-for-second-profits
A Big Look at Security in OpenAPI https://blog.liblab.com/a-big-look-at-security-in-openapi/
SandBlaster: Reversing the Apple sandbox from Cellebrite Labs https://github.com/cellebrite-labs/sandblaster
MalDoc in PDF - Detection bypass by embedding a malicious Word file into a PDF file https://blogs.jpcert.or.jp/en/2023/08/maldocinpdf.html
NetNTLMv1 Downgrade to compromise https://www.r-tec.net/r-tec-blog-netntlmv1-downgrade-to-compromise.html
Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime https://github.com/TheD1rkMtr/UnhookingPatch
Journey into Windows Kernel Exploitation: The Basics https://blog.neuvik.com/journey-into-windows-kernel-exploitation-the-basics-fff72116ca33
Blinding EDR On Windows https://synzack.github.io/Blinding-EDR-On-Windows/