# Windows Research

- [The dusk of g\_CiOptions: circumventing DSE with VBS enabled](/main/research/windows-research/the-dusk-of-g_cioptions-circumventing-dse-with-vbs-enabled.md): In this article, we will explore the concept of bypassing Driver Signature Enforcement (DSE) in the Virtualization Based Security (VBS) era with only a write-what-where exploit primitive.
- [ProxyAlloc: evading NtAllocateVirtualMemory detection ft. Elastic Defend & Binary Ninja](/main/research/windows-research/proxyalloc-evading-ntallocatevirtualmemory-detection-ft.-elastic-defend-and-binary-ninja.md): In this article, we will explore a method for in-process shellcode execution evasion. This method is specifically designed to avoid the detection of NtAllocateVirtualMemory calls from unsigned DLLs.
- [Offset-free DSE bypass across Windows 11 & 10: utilising ntkrnlmp.pdb](/main/research/windows-research/offset-free-dse-bypass-across-windows-11-and-10-utilising-ntkrnlmp.pdb.md): Parsing ntkrnlmp.pdb on the target to eliminate the need for static offsetting and thus safely and dynamically bypass driver signature enforcement across multiple Windows 10 & 11 versions.
