core-jmp

core-jmp

death of core jump

  • Home
  • About
  • Privacy Policy

HomeRCE

Posts in category: RCE

Living off the Process

Living off the Process

February 23, 2026
by oxfemale BypassingEDRexploitationInjectionRCESecurityshellcodewindows

The article “Living off the Process” details a technique to inject and execute shellcode into a remote Windows process by reusing existing RWX memory, ROP gadgets, and threads within that process, avoiding conventional memory allocation and lowering detection footprint.

Read More
EventLog-in: Propagating With Weak Credentials Using the Eventlog Service in Microsoft Windows

EventLog-in: Propagating With Weak Credentials Using the Eventlog Service in Microsoft Windows (CVE-2025-29969)

February 23, 2026
by oxfemale Active DirectoryEventlogimpactMS-EVENNetworkRCERPCwindows

SafeBreach Labs disclosed a critical RCE in the MS-EVEN RPC service (CVE-2025-29969) that lets low-privilege users write arbitrary files remotely on Windows 11/Server 2025, bypassing share limits. Patched May 2025.

Read More

Recent Posts

  • Crimes against NTDLL – Implementing Early Cascade Injection
  • How Kernel Anti-Cheats Work: A Deep Dive into Modern Game Protection
  • Active Directory Security Assessment: Password Spraying, Privilege Escalation, and Kerberoasting
  • Reverse engineering undocumented Windows Kernel features to work with the EDR
  • Silent Harvest: Extracting Windows Secrets Under the Radar

Recent Comments

No comments to show.

Archives

  • March 2026
  • February 2026
  • January 2026
  • November 2025
  • September 2025

Categories

  • access
  • ACE
  • ACL
  • Active Directory
  • AD CS
  • Administrator
  • alloc
  • ALPC
  • Antivirus
  • APC
  • ASM
  • ASR
  • attaks
  • Audio
  • AV
  • BitLocker
  • Bluetooth
  • BSoD
  • buffer overflow
  • BYOVD
  • Bypassing
  • Cache
  • Callbacks
  • CLFS
  • cmd
  • Containers
  • cpp
  • CPU
  • Credential Attacks
  • Crypt
  • Cryptography
  • CryptoPro
  • Debug
  • Defender
  • DEP
  • DFIR
  • DMA
  • Driver
  • dump
  • EDR
  • Encryption
  • Escalation
  • ESP32
  • Evasion
  • Eventlog
  • exploitation
  • filesystem
  • firmware
  • Flash
  • Gadgets
  • GATT
  • Ghidra
  • Hardware
  • impact
  • Injection
  • IoT
  • kernel
  • kernel-mode
  • Library
  • Linux
  • LNK
  • Loader
  • LSA
  • Malware
  • MS-DOS
  • MS-EVEN
  • MS-LSAD
  • MS-SAMR
  • Network
  • PBA
  • PCI
  • PEB
  • Penetration Testing
  • Plugins
  • PoC
  • powershell
  • powershell
  • PPL
  • Privilege
  • Protection
  • PXE
  • QEMU
  • RCE
  • RedTeam
  • Registry
  • Reverse Engineering
  • root
  • ROP
  • RPC
  • Rust
  • SAM
  • Secure Boot
  • Security
  • shellcode
  • Shortcut
  • STM32H5
  • TEB
  • Telegram
  • TPM
  • UAC
  • UART
  • Uncategorized
  • user-mode
  • Warbird
  • WASM
  • winapi
  • winapi
  • WinDBG
  • windows
Log in
© 2026 core-jmp. All rights reserved.
Shopping Basket