Security researcher in Google Project Zero. Author of Attacking Network Protocols. Tweets are my own etc. nostarch.com/networkprotocol….

United Kingdom
Joined July 2009
My book's finally here, just in time for Xmas. Thanks to @billpollock and @nostarch for all their time and effort as well as my friend @k8em0 for doing the foreword. Hope anyone who's bought it is seeing final copies arriving. And it's a dog on the cover BTW 🙂
Released v1.1.30 of NtObjectManager to the PS gallery. Main addition is the support for named pipe RPC clients. Also updated the NuGet packages, they now contain multi-target (no more "Core" versions) as well as full symbols and source link support. powershellgallery.com/packag…
James Forshaw retweeted
Running @tiraniddo's CANAPE Core on my Chromebook. I'm still geeking out about it.
Having discovered various issues with Windows mini-filter drivers lately I found public information about how to analyze such drivers for security issues somewhat lacking. Therefore today I've put out a blog post to try and fix that glitch :-) googleprojectzero.blogspot.c…
James Forshaw retweeted
#Zer0Con2021 CFP zer0con.org/cfp.pdf Speakers can have enough time to present. If he(she) wants, he(she) can have 50 ~ 100 minutes, even more.
James Forshaw retweeted
A story on how I gained RCE against Microsoft Exchange Online using CVE-2020-16875 and bypassed their patches twice over. Latest patch bypass is unpatched against on-premise deployments! Making Clouds Rain - Remote Code Execution in Microsoft Office 365: srcincite.io/blog/2021/01/12…
James Forshaw retweeted
Starting a series about Offensive Windows IPC Internals at csandker.io/. Starting off with Named Pipes: csandker.io/2021/01/10/Offen… Also added an RSS feed and finally took the time to add my growing History of Windows timeline ❤️ (csandker.io/win-history/)
James Forshaw retweeted
New blog post out on the in-the-wild (ITW) vulnerabilities that Project Zero saw back in March/April 2020: googleprojectzero.blogspot.c….
James Forshaw retweeted
I've published a blog post on improving the Windows AMD64 memset implementation: msrc-blog.microsoft.com/2021… cc @trav_downs