Extracting Cobalt Strike from Windows Error Reporting
Windows Error Reporting is an extremely useful but underutilised artifact. This entry goes into how we can extract malware from Windows Error Reporting process dumps.
W3WProtect – A look into preventing IIS Exploitation
A look into how kernel drivers can better protect IIS against exploitation.