DEFCON 33 - Red Team VillageExplored advanced security mechanisms that major browsers implemented to prevent cookie theft. Demonstrated vulnerabilities in Chrome's AppBound encryption, including 2-way DPAPI encryption and ChaCha20Poly1305 state-key encryption layers.
BSides Las Vegas 2025Same presentation covering browser security mechanisms, encryption methodologies, and Chrome's Device Bound Session Cookies (DBSC) technology designed to mitigate session hijacking through TPM chip-based encryption.
Hakai Offensive Security BlogDetailed analysis of CVE-2024-21338, a Windows admin-to-kernel elevation of privilege vulnerability. Exploits the appid.sys driver through IOCTL communication to corrupt the PreviousMode field in _KTHREAD thread context, enabling kernel access.
Ekoparty 2023Presentation on COFF (Common Object File Format) and beacon_inline_execute. Covered how BOFs can be used to execute code in-memory without loading shellcode, bypassing AV/EDR protection and escalating C2 agent capabilities.