Windows 11 has a bug where the RDP session hangs on login. It's unclear if the Windows 11 24H2 base release is at fault.

During red team operations, stealth is a critical component. We spend a great deal of time ensuring our payloads will evade ...

Keep in mind that Google and Chrome keys in Step 2 might not be available, so you’ll have to create them manually. Paste the following code and run it: reg add HKLM\Software\Policies\Google\Chrome /v ...

Having an incognito mode is important in browsers like Chrome. Not only does it help you browse privately without leaving a trail of the websites you have visited, but it also provides a convenient ...

日前，技术团队MASSGRAVE发布博文，宣布成功突破Windows的核心DRM系统软件保护平台（SPP），发现了迄今为止最强大的Windows激活漏洞TSforge，能够激活Windows7以来所有版本的Windows系统，以及Office2013 ...

The Praetorian Labs team was tasked with identifying novel and previously undocumented persistence mechanisms for use in red team engagements. Our primary focus was on persistence techniques ...

微软已通过发布更新版本的 fvevol.sys 驱动程序解决了此漏洞。该补丁引入了一种验证机制，确保 dumpfve.sys 仍然列在 DumpFilters 注册表值中。如果它丢失或损坏，Windows 将在启动过程中立即崩溃，从而防止未加密的数据被写入磁盘。

激活数据存储位置的探索: 研究人员发现激活数据存储在“可信存储区”中，该存储区的数据以加密文件形式保存，并与 HKLM\SYSTEM\WPA 下的加密注册表项相关联。 在 Windows 8.1 和 10 上，数据主要存储在 ...

IT之家 2 月 15 日消息，技术团队 MASSGRAVE 昨日（2 月 14 日）发布博文，宣布成功突破 Windows 的核心 DRM 系统软件保护平台（SPP）， 发现了迄今为止最强大的 Windows 激活漏洞 TSforge，能够激活 Windows 7 以来所有版本的 Windows 系统，以及 Office 2013 以来的所有版本和附加组件。 微软软件保护平台（SPP）是 ...

不过 AES-XTS 也并非无懈可击，该漏洞利用 BitLocker 处理崩溃转储配置的设计缺陷，通过破坏单个注册表项（HKLM\System\ControlSet001\Control\CrashControl），攻击者可以禁用 dumpfve.sys 崩溃转储过滤器驱动程序。 这将强制 Windows 内核将未加密的休眠镜像 直接写入磁盘 ...

A fresh stable release of Wine — the open-source compatibility layer that makes it possible to run Windows apps and games on Linux and macOS — has been uncorked. More than 6,000 thousand changes were ...