Why <blank> Gets You Root-More details on the reversing process & root cause of IAmRoot/cve-2017-13872, and analysis of Apple’s patch
Symantec Encryption Desktop Local Privilege Escalation – Exploiting an Arbitrary Hard Disk Read/Write Vulnerability Over NTFS
Windows Defender ATP machine learning and AMSI: Unearthing script-based attacks that ‘live off the land’
tools Linux Expl0rer：Easy-to-use live forensics toolbox for Linux endpoints written in Python & Flask.
tools IDA Batch Decompile is a plugin for Hex-Ray's IDA Pro that adds the ability to batch decompile multiple files and their imports with additional annotations (xref, stack var size) to the pseudocode .c file
tools TeamViewer_Permissions_Hook_V1：A proof of concept injectable C++ dll, that uses naked inline hooking and direct memory modification to change your TeamViewer permissions.