WinAPI 9

• Reverse engineering a trojanized VSCode extension Mar 9, 2026
• Windows Persistence (Part 1): Default file extension hijacking Mar 9, 2026
• Exploring the Kernel-Mode attack surface: Reverse engineering a vulnerable Driver abused to terminate EDRs Mar 2, 2026
• APC injection Mar 2, 2026
• Process Injection - DLL Injection Feb 6, 2026
• Constructing an evasive keylogger for security research Jan 23, 2026
• Ransomware: reversing what was (supposedly) irreversible Nov 15, 2025
• Building a Debugger from Scratch: Part 2 - Process Exploration and Debug Control Nov 9, 2025
• Process Injection (Remote Thread Injection) using Windows APIs Nov 23, 2024