core-jmp

Reverse engineering undocumented Windows Kernel features to work with the EDR

March 14, 2026

by oxfemale Antivirus Bypassing Defender EDR Eventlog kernel Malware Protection Reverse Engineering Security winapi winapi WinDBG windows

This article demonstrates how to reverse engineer the Windows 11 kernel to understand undocumented internals behind memory operations and ETW Threat Intelligence events, helping security engineers improve EDR telemetry and detect remote process memory writes.

Malware and cryptography 44 – encrypt/decrypt payload via Discrete Fourier Transform. Simple C example.

March 10, 2026

by oxfemale cpp Cryptography Encryption Malware powershell powershell shellcode windows

Demonstration how malware can encrypt and decrypt payloads using the Discrete Fourier Transform (DFT). It provides a simple C example showing how mathematical transforms can hide shellcode and help evade static signature-based detection.

core-jmp

Posts in category: Malware

Reverse engineering undocumented Windows Kernel features to work with the EDR

Malware and cryptography 44 – encrypt/decrypt payload via Discrete Fourier Transform. Simple C example.

Recent Posts

Recent Comments

Archives

Categories