core-jmp

core-jmp

death of core jump

  • Home
  • About
  • Privacy Policy

Homedrivers

Posts tagged: drivers

Снимок экрана 2026-02-03 в 13.50.46

Using EDR-Redir To Break EDR Via Bind Link and Cloud Filter

February 3, 2026
by oxfemale BYOVDBypassingEDRkernelProtectionwindows

the technique of exploiting the Bind Filter driver (bindflt.sys) to redirect folders containing the executable files of EDRs to a location that I completely control.

Read More

Recent Posts

  • EarlyBird APC Injection: A Deep Technical Analysis
  • Bypassing Administrator Protection by Abusing UI Access
  • PPLControlShells — Protected Process / PPL Control shells Tool
  • Process Injection via Component Object Model (COM) IRundown::DoCallback() for run cmd.exe from lsass.exe or other pids
  • Abusing Microsoft Warbird for Shellcode Execution

Recent Comments

No comments to show.

Archives

  • February 2026
  • January 2026
  • November 2025
  • September 2025

Categories

  • Administrator
  • alloc
  • APC
  • ASM
  • Audio
  • AV
  • BYOVD
  • Bypassing
  • Callbacks
  • Containers
  • cpp
  • Crypt
  • Debug
  • EDR
  • Escalation
  • Gadgets
  • Injection
  • kernel
  • Library
  • Loader
  • Plugins
  • powershell
  • PPL
  • Privilege
  • Protection
  • ROP
  • shellcode
  • UAC
  • Uncategorized
  • Warbird
  • WASM
  • winapi
  • winapi
  • windows
Log in
© 2026 core-jmp. All rights reserved.
Shopping Basket