If we choose, we can live in a world of comforting illusion.
– Noam Chomsky
In the last post we analyzed some drivers for potential security issues. This blog post documents the identification and exploitation of a vulnerable driver, the LSI PCI-SV92EX Soft Modem Kernel Driver (AGRSM64.sys v2.2.100.0).
This blog post is about setting up a testing environment for Windows kernel driver vulnerabilities. We will look at obtaining and loading target kernel drivers, analyzing permissions, and injecting payloads from user-land. I'll post some links for a full testing setup as well, so you can get started on hacking your own drivers in no time.
In this blog post I'll discuss a simplified approach to internal security assessments. We will take a look at different testing scenarios and variants, their methodologies, and why organizations in the vast majority of cases probably don't want or need a red team assessment.
In 2023, the threat landscape is expected to be complex and challenging, with cybercriminals becoming more sophisticated in their methods. To stay safe in the evolving threat landscape, organizations must prioritize cybersecurity and take proactive steps to protect their digital assets.