HomeEventlog

Posts in category: Eventlog

Reverse engineering undocumented Windows Kernel features to work with the EDR

March 14, 2026

by oxfemale Antivirus Bypassing Defender EDR Eventlog kernel Malware Protection Reverse Engineering Security winapi winapi WinDBG windows

This article demonstrates how to reverse engineer the Windows 11 kernel to understand undocumented internals behind memory operations and ETW Threat Intelligence events, helping security engineers improve EDR telemetry and detect remote process memory writes.

EventLog-in: Propagating With Weak Credentials Using the Eventlog Service in Microsoft Windows (CVE-2025-29969)

February 23, 2026

by oxfemale Active Directory Eventlog impact MS-EVEN Network RCE RPC windows

SafeBreach Labs disclosed a critical RCE in the MS-EVEN RPC service (CVE-2025-29969) that lets low-privilege users write arbitrary files remotely on Windows 11/Server 2025, bypassing share limits. Patched May 2025.

core-jmp

Posts in category: Eventlog

Reverse engineering undocumented Windows Kernel features to work with the EDR

EventLog-in: Propagating With Weak Credentials Using the Eventlog Service in Microsoft Windows (CVE-2025-29969)

Recent Posts

Recent Comments

Archives

Categories