BlackHat 2008 - Pointers and Handles - A Story of Unchecked Assumptions in the Windows Kernel

BlackHat 2013 - Visualizing Page Tables for Hacking Like in the Movies

BlackHat 2015 - Battle of SKM and IUM

BlackHat 2016 - The Linux Kernel hidden inside Windows 10

BlackHat 2018 - The Windows Notification Facility, the most undocumented kernel attack surface yet

BlueHat 2016 - Gaining Visiblity into Linux Binaries on Windows - Defend and Understand WSL

BlueHat 2017 - Baby's First Bounty

BreakPoint 2012 - Windows 8 Security and ARM

CanSecWest 2018 - The Shadow Network Stack in Windows 8

EkoParty 2017 - The Bird that killed Arbitrary Code Guard

EuskalHack 2017 - Universally Bypassing CFG Through Mutability Abuse

Google 2013 - Reactos - The Crazy Open Source Attempt to Reimplement Windows from Scratch

ISA 2018 - Next Gen Windows Security - Secure Launch, SGRM, CET and Other RS5 Changes

ITCAMP 2014 - Security architecture improvements in Windows 81

Infiltrate 2015 - Insection - Awesomly Exploiting Shared Memory Objects

Infiltrate 2019 - DKOM 30 - Hiding and Hooking with Windows Extension Hosts

NoSuchCon 2013 - Ninjas and Harry Potter - Spellunking in the Apple SMC Land

NoSuchCon 2014 - Unreal Mode - Breaking Protected Processes

OPCDE 2018 - Inside the Octagon

OffensiveCon 2018 - Advancing the state of UEFI Boot Kits

Recon 2006 - Subverting Windows 2003 SP1 Kernel Integrity Protection

Recon 2012 - Windows User-Mode Drivers

Recon 2013 - I've got 99 problems but a kernel pointer aint one

Recon 2015 - Hooking Nirvana - Stealthy Instrumentation Techniques

Recon 2016 - Abusing the Kernel Shim Engine

Recon 2017 - Fun with SAM - Inside the Surface Aggregator Module

Recon 2018 - Unknown Known DLLs and other code integrity trust violations

ReconBru 2017 - Getting Physical with USB Type-C, Windows 10 RAM Forensics and UEFI Attacks

Samsung 2014 - Security Over-engineering - Caches of Caches of Chaos

SyScan 2012 - ACPI 5.0 Attacks Against Win 8

SyScan 2013 - Hotpatching the Hotpatcher

SyScan 2014 - All about the ALPC, RPC, LPC, LRPC in your PC

SyScan 2015 - Ring 0 to Ring -1 Attacks

SyScan360 2017 - The Noble Gases of Windows Containers

TLV 2019 - KASLR & The Evolution of Windows Security

WOOT 2020 - OS Security Is Hard, Why All The Fuzzer in the World Won't Change the way Platform Security is Failing Us

Waterloo 2007 - The ReactOS Project