Start
About

HackTricks
CVE Exploit Database
Explain Shell
CyberChef – Base64
Port Swigger Web Sec
JWT Debugger
Paged Out Mag.
OWASP TOP TEN
PayloadsAllTheThings

START
WHO AM I

HomeWINPoisonKiller

PoisonKiller

KslKatzBOF

Havoc C2 BOF port of the KslD.sys BYOVD technique. Credential extraction from lsass via physical memory — no OpenProcess, no auditable API calls.

Additionally:

PoisonKiller BOF

Havoc BOF implementation of BYOVD attack to terminate PPL-protected EDR processes using a signed Microsoft kernel driver.

Tags

Newer
Older

Posted by Pentest IT

You may like these posts

Popular

Local Privilege Escalation in Windows 11 via Microsoft Recall

Local Privilege Escalation in Windows 11 via Microsoft Recall

April 16, 2026

OWASP top 10 - question series

OWASP top 10 - question series

April 15, 2026

Active Directory Pentesting Cycle (From Recon to Domain Admin)

Active Directory Pentesting Cycle (From Recon to Domain Admin)

April 16, 2026

Why PoCs and any software you build on your machine should be analyzed?

Why PoCs and any software you build on your machine should be analyzed?

April 13, 2026

Tags

AD
AI
CVE
Scenario
WIN
crypto
cs
history
ntlm
relay
reports
scanner
tools

© 2026 PENTEST-IT BLOG by I.K. | Information shared to be used for LEGAL purposes only

Menu Footer Widget

Home
About

Created By Blogger Theme | Distributed By Gooyaabi Templates

Contact form