Bypassing DSE using vulnerable drivers.
Examining the PPL Windows security feature.
Exploiting kernel mode drivers to terminate protected processes.
Creating a Windows kernel mode driver to hide and kill processes.
Modifying Kernel data structures to hide processes and elevate privileges.
Executing arbitrary code inside a .NET process.
Using Local LLM’s to perform NMap scans.
Adding security monitoring to our CTF platform.
Exploiting PowerShell JEA configurations.
Adding vulnerabilities into our CTF environment using Ansible.
Exploiting dMSA accounts to become domain administrator.
Setting up an infrastructure penetration testing CTF.