android | Unrestricting Android Native Dynamic Library Linking | Bypassing linker namespaces to dynamically link libraries.
kernel (Featured) | Sysmon Internals - From File Delete Event to Kernel Code Execution | Sysmon File Delete Event Internals and Kernel Code Execution
anti-forensics | Sysmon Image File Name Evasion | Abusing a bug in Sysmon's driver to fake source processes' image file names.
offense | NINA: x64 Process Injection | NINA: No Injection, No Allocation x64 Process Injection Technique.
antivirus | Introduction to Threat Intelligence ETW | A quick look into ETW capabilities against malicious API calls.