The Hacker Library

A CTF-Style XSS Chain in the Wild: DOM Clobbering, Gadgets, and CSP Bypass

Post

antoniusblock

Jan 29, 2026

xss

DoubleClickjacking: A New Era of UI Redressing

Post

Paulos Yibelo

Nov 30, 2024

clickjackingweb

.NET Assembly Obfuscation for Memory Scanner Evasion

Post

eversinc33

dotnetmalware-developmentobfuscation

“Fileless” UAC Bypass using sdclt.exe

Post

Matt Nelson

Mar 17, 2017

powershellprivilege-escalationuacwindows

"Relaying" Kerberos - Having fun with unconstrained delegation

Post

Dirk-jan Mollema

27m

Feb 18, 2019

active-directorykerberoskerberos-delegationunconstrained-delegation

(Ab)using the Microsoft Identity Platform: Exploring Azure AD Token Caching

Post

Ruben Boonen

28m

Dec 15, 2023

entra-id

(Anti-)Anti-Rootkit Techniques - Part I: UnKovering mapped rootkits

Post

eversinc33

14m

Mar 23, 2024

malware-developmentrootkit

[Cracking Windows Kernel with HEVD] Chapter 0: Where do I start?

Post

mdanilor

Aug 29, 2022

malware-developmentrootkit

[Cracking Windows Kernel with HEVD] Chapter 1: Will this driver ever crash?

Post

Sep 11, 2022

exploit-developmentpwnwindows

[Cracking Windows Kernel with HEVD] Chapter 2: Is there a way to bypass kASLR, SMEP and KVA Shadow?

Post

Nov 29, 2022

exploit-developmentkernelprivilege-escalationshellcodewindows

[Cracking Windows Kernel with HEVD] Chapter 3: Can we rop our way into triggering our shellcode?

Post

Nov 30, 2022

exploit-developmentkernelshellcodewindows

[Cracking Windows Kernel with HEVD] Chapter 4: How do we write a shellcode to elevate privileges and gracefully return to userland?

Post

Jan 8, 2023

exploit-developmentkernelprivilege-escalationshellcodewindows

[EN] Unsecure time-based secret and Sandwich Attack - Analysis of my research and release of the “Reset Tolkien” tool

Post

injectionphpvulnerability-scannerweb

[Research] Bypassing Windows Kernel Mitigations: Part1

Post

Dec 8, 2024

exploit-developmentkernelsyscallwindows

0 Click ATO with the Sandwich Attack

Post

Roni Carta

Aug 11, 2023

password-resetuuidweb

0x00 - Introduction to Windows Kernel Exploitation

Post

Nov 29, 2024

exploit-developmentkernelprivilege-escalationpwnshellcodewindows

0x03 - Approaching the Modern Windows Kernel Heap

Post

Dec 21, 2024

exploit-developmentkernelmemory-dumpingprivilege-escalationwindows

A "deep dive" in Cert Publishers Group

Post

Decoder

Nov 20, 2023

active-directoryad-groupsadcs

A Case Study in Wagging the Dog: Computer Takeover

Post

Harmj0y

Feb 28, 2019

active-directorykerberoskerberos-delegationresource-based-constrained-delegation

A Guide to Attacking Domain Trusts

Post

Harmj0y

36m

Oct 30, 2017

active-directoryad-trusts