core-jmp

core-jmp

death of core jump

  • Home
  • windows
  • Reverse Engineering
  • exploitation
  • shellcode
  • About
  • Privacy Policy

HomeHypervisor

Posts in category: Hypervisor

Hypervisor-Based Defense (Windows Kernel Protection)

Hypervisor-Based Defense (Windows Kernel Protection)

April 1, 2026
by oxfemale BYOVDHypervisorkernelVirtualizationwindows

The article explains how a defensive hypervisor can protect Windows systems from kernel attacks such as BYOVD by monitoring memory and enforcing protections below the OS using Intel VT-x and EPT virtualization features.

Read More

Recent Posts

  • Blinding the Defenders: Inside Qilin’s EDR-Killer Malware
  • Breaking Process Protection: Exploiting CVE-2026-0828 in ProcessMonitorDriver.sys
  • Credential Dumping from LSASS (Windows Authentication Secrets)
  • Hypervisor-Based Defense (Windows Kernel Protection)
  • Reverse engineering Realtek RTL8761B* Bluetooth chips, to make better Bluetooth security tools & classes

Archives

  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • November 2025
  • September 2025

Active Directory Active Directory Security byovd bypass cpp EDR EDRBypass EDR Evasion EDREvasion Embedded Security Embedded Systems Exploit Development Firmware Reverse Engineering Hardware Hacking Hardware Security injection IoT Security Kernel Debugging Kernel Exploitation lsass Memory Corruption Offensive Security poc Post-Exploitation PPL Privilege Escalation Process Injection red team RedTeam Red Teaming Red Team Techniques remote code execution Reverse Engineering ROP Security Research shellcode TPM Vulnerability Research winapi WinDBG windows Windows Internals Windows Kernel Windows security WindowsSecurity

Categories

  • .NET
  • access
  • ACE
  • ACL
  • Active Directory
  • Active Directory
  • AD CS
  • Administrator
  • AI Agents
  • AI Security Research
  • alloc
  • ALPC
  • Antivirus
  • APC
  • Apple Silicon
  • ASM
  • ASR
  • attaks
  • Audio
  • AV
  • BIOS
  • BitLocker
  • Blue team
  • Bluetooth
  • Boot ROM
  • Broadcom
  • BSoD
  • buffer overflow
  • BYOUD
  • BYOVD
  • Bypassing
  • Cache
  • Callbacks
  • CIMOM
  • Cisco
  • CLFS
  • cmd
  • COM
  • Containers
  • Cortex XDR
  • cpp
  • CPU
  • Credential Attacks
  • Crypt
  • Cryptography
  • CryptoPro
  • DCOM
  • Debug
  • Defender
  • DEP
  • Deserialization
  • DFIR
  • DMA
  • DNS
  • Driver
  • dump
  • EDR
  • Embedded
  • Encryption
  • Escalation
  • ESP32
  • Evasion
  • Eventlog
  • Exploit Development
  • exploitation
  • filesystem
  • firmware
  • Flash
  • FreeBSD
  • Gadgets
  • GATT
  • Ghidra
  • Hardware
  • Hooking
  • Hypervisor
  • Impacket
  • impact
  • Injection
  • IOCTL
  • IoT
  • JIT
  • Kerberos
  • kernel
  • kernel-mode
  • LDAP Relay
  • Library
  • Linux
  • LLM
  • LLM Exploit Development
  • LNK
  • Loader
  • LOLExfil
  • LSA
  • LSASS
  • MacOS
  • Malware
  • MCP
  • MS-DOS
  • MS-EVEN
  • MS-LSAD
  • MS-SAMR
  • Network
  • NTLM Relay
  • NVMe
  • ODR
  • Palo Alto
  • PBA
  • PCI
  • PEB
  • Penetration Testing
  • PHP
  • Plugins
  • PoC
  • powershell
  • powershell
  • PPL
  • Privilege
  • Protection
  • PXE
  • Python
  • QEMU
  • Race Condition
  • RCE
  • RedTeam
  • Registry
  • Reverse Engineering
  • root
  • ROP
  • RPC
  • RTTI
  • Rust
  • SAM
  • Secure Boot
  • Security
  • Security
  • shellcode
  • Shortcut
  • SPI Flash
  • Stack Overflow
  • STM32H5
  • TCP/IP
  • TEB
  • Telegram
  • Telnetd
  • TPM
  • UAC
  • UART
  • UEFI
  • Uncategorized
  • Use-After-Free
  • user-mode
  • Virtualization
  • VMProtect
  • VMware
  • Warbird
  • WASM
  • WEB
  • winapi
  • winapi
  • WinDBG
  • windows
  • Windows Admin Center
  • Winsock
  • WMI
  • Wordpress
  • WSL
  • XNU Kernel
Log in
    © 2026 core-jmp. All rights reserved.
    Shopping Basket