Writing a Simple Key Logger

Pavel Yosifovich June 2, 2025

In this video, I build a simple keylogger using the GetKeyState API in Windows. We

Dive in

Running an Executable as SYSTEM: Unlocking Windows Privilege Escalation Techniques

Pavel Yosifovich April 17, 2025

In this hands-on session, Pavel Yosifovich demonstrates how to launch a process under the SYSTEM

Dive in

Writing a WinDbg Extension: Streamline Your Debugging Workflow

Pavel Yosifovich March 17, 2025

Note: This blog post is designed to complement the accompanying video embedded at the top

Dive in

Understanding UAC Virtualization: A Security Mechanism for Legacy Applications

Pavel Yosifovich March 17, 2025

In this video, we dive deep into User Account Control (UAC) Virtualization—a feature introduced in

Dive in

Windows Insider Green Screen of Death showing a frowny face and crash information.

Exploring the Blue Screen of Death: A Practical Deep Dive

Pavel Yosifovich February 17, 2025

Dive into Pavel’s latest post exploring the Windows Blue Screen of Death—what triggers it, why

Dive in

Live Workshop: Attack and Defense: Remote Thread Injection and Detection (Recorded)

Uriel Kosayev January 28, 2025

We’re excited to share the recorded workshop on Remote Thread Injection and EDR-based detection that

Dive in

Understanding RunDLL32: Leveraging Dynamic Function Invocation

Pavel Yosifovich January 13, 2025

Unlock the power of RunDLL32! Learn how to execute DLL functions, invoke control panel dialogs,

Dive in

Shell Icon Handler extension

Pavel Yosifovich January 9, 2025

Shell extensions are a powerful feature of the Windows shell that allow developers to extend

Dive in

Understanding the Differences Between CreateProcessAsUser and CreateProcessWithTokenW in Windows

Pavel Yosifovich December 17, 2024

In this video, we dive into two powerful Windows API functions—CreateProcessAsUser and CreateProcessWithTokenW—that allow you

Dive in

Building a Simple RPC Client and Server: A Step-by-Step Guide

Pavel Yosifovich November 20, 2024

Remote Procedure Calls (RPC) are a fundamental mechanism in distributed computing, allowing functions to execute

Dive in

Category: Windows Internals

Writing a Simple Key Logger

Running an Executable as SYSTEM: Unlocking Windows Privilege Escalation Techniques

Writing a WinDbg Extension: Streamline Your Debugging Workflow

Understanding UAC Virtualization: A Security Mechanism for Legacy Applications

Exploring the Blue Screen of Death: A Practical Deep Dive

Live Workshop: Attack and Defense: Remote Thread Injection and Detection (Recorded)

Understanding RunDLL32: Leveraging Dynamic Function Invocation

Shell Icon Handler extension

Understanding the Differences Between CreateProcessAsUser and CreateProcessWithTokenW in Windows

Building a Simple RPC Client and Server: A Step-by-Step Guide

Useful Resources

Learning Paths

Let's Connect