BlackHat 2008 - Pointers and Handles - A Story of Unchecked Assumptions in the Windows Kernel
BlackHat 2013 - Visualizing Page Tables for Hacking Like in the Movies
BlackHat 2015 - Battle of SKM and IUM
BlackHat 2016 - The Linux Kernel hidden inside Windows 10
BlackHat 2018 - The Windows Notification Facility, the most undocumented kernel attack surface yet
BlueHat 2016 - Gaining Visiblity into Linux Binaries on Windows - Defend and Understand WSL
BlueHat 2017 - Baby's First Bounty
BreakPoint 2012 - Windows 8 Security and ARM
CanSecWest 2018 - The Shadow Network Stack in Windows 8
EkoParty 2017 - The Bird that killed Arbitrary Code Guard
EuskalHack 2017 - Universally Bypassing CFG Through Mutability Abuse
Google 2013 - Reactos - The Crazy Open Source Attempt to Reimplement Windows from Scratch
ISA 2018 - Next Gen Windows Security - Secure Launch, SGRM, CET and Other RS5 Changes
ITCAMP 2014 - Security architecture improvements in Windows 81
Infiltrate 2015 - Insection - Awesomly Exploiting Shared Memory Objects
Infiltrate 2019 - DKOM 30 - Hiding and Hooking with Windows Extension Hosts
NoSuchCon 2013 - Ninjas and Harry Potter - Spellunking in the Apple SMC Land
NoSuchCon 2014 - Unreal Mode - Breaking Protected Processes
OPCDE 2018 - Inside the Octagon
OffensiveCon 2018 - Advancing the state of UEFI Boot Kits
Recon 2006 - Subverting Windows 2003 SP1 Kernel Integrity Protection
Recon 2012 - Windows User-Mode Drivers
Recon 2013 - I've got 99 problems but a kernel pointer aint one
Recon 2015 - Hooking Nirvana - Stealthy Instrumentation Techniques
Recon 2016 - Abusing the Kernel Shim Engine
Recon 2017 - Fun with SAM - Inside the Surface Aggregator Module
Recon 2018 - Unknown Known DLLs and other code integrity trust violations
ReconBru 2017 - Getting Physical with USB Type-C, Windows 10 RAM Forensics and UEFI Attacks
Samsung 2014 - Security Over-engineering - Caches of Caches of Chaos
SyScan 2012 - ACPI 5.0 Attacks Against Win 8
SyScan 2013 - Hotpatching the Hotpatcher
SyScan 2014 - All about the ALPC, RPC, LPC, LRPC in your PC
SyScan 2015 - Ring 0 to Ring -1 Attacks
SyScan360 2017 - The Noble Gases of Windows Containers
TLV 2019 - KASLR & The Evolution of Windows Security
WOOT 2020 - OS Security Is Hard, Why All The Fuzzer in the World Won't Change the way Platform Security is Failing Us
Waterloo 2007 - The ReactOS Project