Aleksandar Milenkoski

@milenkowski

IT security. Windows internals. Researcher4life.

Joined March 2012

Tweets


  1. Jan 14

    [4/4] Credits are not mine alone. They primarily go to my exceptional master’s student . See you at , Pablo! Feel free to contact us if you have any questions.
  2. Jan 14

    [3/4] There are more "elegant" ways to monitor Telemetry ETW activities. We focus on the windbg alternative because it provides kernel-level insight (useful for extracting info available only at this level) + others may easily extend the scripts to extract any related info.
  3. Jan 14

    [2/4] Windows Telemetry ETW Monitor consists of two components: - the Windbg Framework: a set of windbg scripts for monitoring Telemetry ETW activities - the Telemetry Information Visualization (TIV) framework: visualization of information and statistics (web format).
  4. Jan 14

    Hey, new upload to Windows-Insight - the Windows Telemetry ETW Monitor framework: The framework monitors and reports on ETW (Event Tracing for Windows) activities for providing data to Windows Telemetry. Works on Windows 10, version 1909. [Thread: 1/4]
  5. Retweeted

    ACTUAL effective improvements to security come from building mitigations to kill entire classes of vulns, not bug hunting. You can stumble on a single CVE, does that make you leet? No. If you find 80+ while fuzzing a component? Maybe, POC||GTFO applies tho. And, finally... (2/3)
  6. Retweeted

    Our training "Insight into Windows Internals" from delivers basic knowledge on the core components and inner working principles of the operating system. Check it out!🧐
  7. Retweeted, Dec 6, 2019

    Slides and material from our talk on attacking container build systems from are now online: And so is Terrier, the CI-oriented container integrity verification tool (mainly due to the amazing effort of the ):
  8. Hey, new uploads to Windows-Insight: - an article on invocations between ci.dll and skci.dll: ; - a WiP paper on a framework for executing Hyper-V hypercalls (this allows fuzzing and testing performance): (code will follow soon!)

  9. Hey, I just uploaded a couple of articles on DeviceGuard/WDAC internals in the Windows-Insight repo: . More articles on WDAC internals focusing on the most recent implementation (incl. new policy file management, driver blacklisting etc.) coming soon!

  10. Super excited for visiting offices @ Redmond for the first time! We (+ ) had great discussions with some awesome people!

  11. Retweeted, Oct 3, 2019
  12. Retweeted, Aug 27, 2019

    Yesterday was amazing - went to VMworld to be part of the first public demo of VMware Workstation running on top of the Hyper-V Hypervisor :
  13. Happy to announce that a paper of my research team ’s Research Group was accepted at WoSAR ! We research on testing behavior aspects of ’s Hyper-V, including Virtual Secure Mode setups. A testing framework and results will be published soon!

  14. Retweeted, Jul 22, 2019
  15. Retweeted, Jul 11, 2019

    TR19: The Anatomy of Windows Telemetry, by &
  16. Retweeted, Jun 24, 2019

    If you write about Windows internals, then to be asked where you get your information from is a sign that you are presenting it wrong. If you read about Windows internals and you wonder where names and types have come from, then don't indulge the writer: disregard them as sloppy.
  17. Retweeted, Jun 11, 2019

    6 Hyper-V CVEs were fixed today! 1 DOS found by the Hyper-V dev team. 1 RCE found by Qihoo360 IceSword Lab. 2 DOS and 1 RCE found by me. 1 RCE found by an anonymous researcher and me.
  18. Retweeted, Jun 7, 2019

    That was quicker than I anticipated... the book is now available in print from Amazon!
  19. Retweeted, Jun 3, 2019

    If you are into Windows Kernel stuff, (Pavel Yosifovich)’s Windows Kernel Programming book is a MUST. This is THE book I was waiting for for years. I bought it today and already finished 4 chapters. Brilliant book! Practical, to the point.
  20. We will aim at updating the repository continuously, that is, as soon as new research comes up and/or when publication of research results originating from project work is allowed. For example, we expect to publish soon new contents on the latest Windows 10 LTSC release.

