HackCert

// field_notes

The Hackcert Blog

389 field-grade guides on offensive ops, blue-team detection, cloud security, AI red-teaming and more — written for engineers who ship.

Showing posts for tag: Windows Security
AMSI Bypass: Advanced Techniques Used to Evade Windows Built-in Security
Advanced 10 min read

A technical analysis of how modern malware and red teams bypass the Antimalware Scan Interface (AMSI) so that script content is never handed to Windows Defender for inspection, and what that does and does not hide from the rest of the endpoint's telemetry.

Rokibul Islam | Tags: AMSI Bypass, Windows Security, Advanced

AMSI Patching: Deconstructing the Art of Disabling Antivirus via Memory Manipulation
Intermediate 8 min read

A deep dive into AMSI patching: the in-memory techniques adversaries use to hot-patch amsi.dll inside their own process (typically the scan entry point) so that scan calls return a clean result and Windows Defender never sees the payload.

Rokibul Islam | Tags: AMSI Patching, Windows Security, Intermediate

COM Hijacking: System Hacking Using Windows Internal Processes
Advanced 14 min read

A deep dive into COM hijacking, a persistence technique in which an attacker plants CLSID entries under HKCU so that legitimate processes load attacker-controlled code in place of the intended COM server; red teams use it for persistence, UAC bypass and EDR evasion.

Rokibul Islam | Tags: Windows Security, Cybersecurity, Advanced

Constrained Delegation: Security Risks and Solutions in Active Directory
Intermediate 12 min read

Understand the mechanics of constrained delegation in Active Directory (S4U2Self and S4U2Proxy), how attackers abuse it, especially when protocol transition is enabled, to impersonate users against the permitted services, and the controls that secure your domain.

Rokibul Islam | Tags: Active Directory, Cybersecurity, Intermediate

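An audit script for the delegation risk described in the post above, added here as an example and not taken from the HackCert article. It lists every account configured for constrained delegation, flags the combination that matters most to an attacker (protocol transition plus a target such as CIFS, LDAP or HOST), and then checks which privileged accounts are still delegatable. It assumes the RSAT ActiveDirectory module, a domain-joined session that can read the directory, and a list of "sensitive" service classes that is an assumption to adjust per environment.

```powershell
# Added example (not code from the HackCert post): enumerate constrained delegation in the
# current domain and flag the risky cases. Assumes the RSAT ActiveDirectory module and a
# domain-joined session that can read the directory; the sensitive-service list is an assumption.
Import-Module ActiveDirectory

# userAccountControl bits (documented values)
$TRUSTED_TO_AUTH_FOR_DELEGATION = 0x1000000   # "Use any authentication protocol" (protocol transition)
$NOT_DELEGATED                  = 0x100000    # "Account is sensitive and cannot be delegated"

function Get-ConstrainedDelegationReport {
    [CmdletBinding()]
    param(
        # Service classes whose abuse hands over the target host: CIFS (file system), HOST/RPCSS
        # (WMI, PSRemoting), LDAP (DCSync if the target is a DC). Assumed list; tune it.
        [string[]] $SensitiveServices = @('cifs', 'host', 'ldap', 'rpcss', 'mssqlsvc', 'http')
    )
    # Every object with msDS-AllowedToDelegateTo populated is a constrained delegation source.
    $sources = Get-ADObject -LDAPFilter '(msDS-AllowedToDelegateTo=*)' `
        -Properties msDS-AllowedToDelegateTo, userAccountControl, servicePrincipalName

    foreach ($s in $sources) {
        $uac     = [int64]$s.userAccountControl
        $targets = @($s.'msDS-AllowedToDelegateTo')
        # Target SPNs look like "cifs/dc01.corp.local"; the service class is the part before '/'.
        $sensitive = @($targets | Where-Object {
            $SensitiveServices -contains ($_.Split('/')[0].ToLowerInvariant())
        })
        $protocolTransition = (($uac -band $TRUSTED_TO_AUTH_FOR_DELEGATION) -ne 0)
        [pscustomobject]@{
            Source             = $s.Name
            ObjectClass        = $s.ObjectClass
            ProtocolTransition = $protocolTransition
            TargetCount        = $targets.Count
            SensitiveTargets   = ($sensitive -join '; ')
            # Protocol transition + a sensitive target: compromising this one account lets the
            # attacker request a ticket as any non-protected user (S4U2Self) and forward it to
            # the listed service (S4U2Proxy) without that user ever authenticating.
            HighRisk           = ($protocolTransition -and $sensitive.Count -gt 0)
        }
    }
}

function Get-UnprotectedPrivilegedAccounts {
    # Mitigation check: privileged users (adminCount=1) should be in Protected Users or carry
    # NOT_DELEGATED, so S4U2Self cannot mint service tickets in their name.
    $protectedUsers = @(Get-ADGroupMember -Identity 'Protected Users' -Recursive -ErrorAction SilentlyContinue |
        Select-Object -ExpandProperty DistinguishedName)
    Get-ADUser -LDAPFilter '(adminCount=1)' -Properties userAccountControl |
        Where-Object {
            $_.SamAccountName -ne 'krbtgt' -and
            (([int64]$_.userAccountControl -band $NOT_DELEGATED) -eq 0) -and
            ($protectedUsers -notcontains $_.DistinguishedName)
        } |
        Select-Object SamAccountName, DistinguishedName
}

Get-ConstrainedDelegationReport | Sort-Object HighRisk -Descending | Format-Table -AutoSize
Get-UnprotectedPrivilegedAccounts | Format-Table -AutoSize
```

Rows with HighRisk set are the ones to fix first: either clear "Use any authentication protocol" (fall back to Kerberos-only constrained delegation) or trim the target SPN list. Accounts returned by the second function remain impersonable by any delegation source until they are moved into Protected Users or marked sensitive.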
ETW Bypassing: How Cybercriminals Disable Windows Event Logs to Stay Hidden
Advanced 12 min read

Explore the techniques attackers use to blind Event Tracing for Windows (ETW) providers in their own process, and how red teams use this to hide activity from EDR sensors and logging that consume ETW events.

Rokibul Islam | Tags: ETW Bypassing, Red Teaming, Advanced

LSA Protection: Securing Local Security Authority to Prevent Credential Theft
Beginner 10 min read

Learn the fundamentals of LSA Protection (RunAsPPL), which runs lsass.exe as a Protected Process Light so that code lacking the required signature cannot open it for reading, and how to enable and verify it to block credential dumping and unauthorized access.

Rokibul Islam | Tags: Windows Security, Credential Theft, Beginner

LSASS Dumping: Advanced Cyber Techniques for Extracting Usernames and Passwords from Memory
Intermediate 11 min read

Explore the mechanics of LSASS dumping. Understand how threat actors extract NTLM hashes, Kerberos keys and, where WDigest caching is still enabled, plaintext passwords from LSASS memory in order to move laterally.

Rokibul Islam | Tags: Windows Security, Exploitation, Credential Dumping

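A defender-side companion to the two posts above (LSA Protection and LSASS dumping), added here as an example and not taken from the HackCert articles. The first function reports whether this host is configured to resist a dump (RunAsPPL, WDigest cleartext caching, Credential Guard); the second hunts Sysmon ProcessAccess telemetry for handles opened to lsass.exe with the access masks dump tooling requests. It assumes an elevated session and Sysmon with Event ID 10 enabled; the mask list and lookback window are assumptions to tune against your own baseline.

```powershell
# Added example (not code from the HackCert posts): check LSASS hardening state, then hunt
# Sysmon telemetry for handles opened to lsass.exe. Assumes an elevated session and Sysmon
# with Event ID 10 (ProcessAccess) enabled; mask list and lookback window are assumptions.

function Get-LsassHardeningState {
    $lsa = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
    # RunAsPPL: 1 or 2 both run lsass.exe as a Protected Process Light; 0 or absent = off.
    $runAsPpl = if ($null -ne $lsa.RunAsPPL) { [int]$lsa.RunAsPPL } else { 0 }

    # WDigest UseLogonCredential=1 keeps cleartext passwords in LSASS memory. Absent means
    # "off" on Windows 8.1 / 2012 R2 and later; older builds must set it to 0 explicitly.
    $wd = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\WDigest' -ErrorAction SilentlyContinue
    $wdigest = if ($wd -and $null -ne $wd.UseLogonCredential) { [int]$wd.UseLogonCredential } else { -1 }

    # Credential Guard isolates secrets in a VBS-protected process; it reports as service 1.
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' -ClassName Win32_DeviceGuard -ErrorAction SilentlyContinue

    [pscustomobject]@{
        RunAsPPL               = $runAsPpl
        LsaProtectionEnabled   = ($runAsPpl -in 1, 2)
        WDigestUseLogonCred    = $wdigest            # -1 = value not present
        CredentialGuardRunning = [bool]($dg -and ($dg.SecurityServicesRunning -contains 1))
    }
}

function Find-LsassHandleOpens {
    param(
        [int] $Hours = 24,
        # Masks typically requested by dump tooling (assumed list; baseline your AV/EDR first):
        # 0x1010 = PROCESS_VM_READ | PROCESS_QUERY_INFORMATION (MiniDumpWriteDump-style reads),
        # 0x1FFFFF = PROCESS_ALL_ACCESS; the others are wider variants seen from common tools.
        [string[]] $SuspiciousMasks = @('0x1010', '0x1038', '0x1438', '0x143A', '0x1FFFFF')
    )
    $events = Get-WinEvent -FilterHashtable @{
        LogName   = 'Microsoft-Windows-Sysmon/Operational'
        Id        = 10
        StartTime = (Get-Date).AddHours(-$Hours)
    } -ErrorAction SilentlyContinue

    foreach ($e in $events) {
        # Pull the EventData fields out of the event XML into a hashtable.
        $x = [xml]$e.ToXml()
        $d = @{}
        foreach ($n in $x.Event.EventData.Data) { $d[$n.Name] = $n.'#text' }

        if ($d['TargetImage'] -notlike '*\lsass.exe') { continue }
        if ($SuspiciousMasks -notcontains $d['GrantedAccess']) { continue }   # case-insensitive

        [pscustomobject]@{
            Time          = $e.TimeCreated
            SourceImage   = $d['SourceImage']
            SourcePid     = $d['SourceProcessId']
            GrantedAccess = $d['GrantedAccess']
            # A call trace passing through UNKNOWN (unbacked) memory rather than ntdll/kernelbase
            # frames is a strong signal of injected or manually mapped dump code.
            CallTrace     = $d['CallTrace']
        }
    }
}

Get-LsassHardeningState
Find-LsassHandleOpens -Hours 24 | Format-Table -AutoSize
```

Expect your own AV and EDR agents to appear in the hunt output; filter those by SourceImage after confirming their signatures, and treat anything else, in particular rundll32.exe, taskmgr.exe or an unsigned binary with a CallTrace containing UNKNOWN, as a dump attempt until proven otherwise. With LsaProtectionEnabled true, such opens fail unless the caller is itself signed for PPL, which is exactly why the LSA Protection post recommends the setting.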
Syscalls Execution: Direct Kernel Communication Tactics for Bypassing Security Software
Intermediate 11 min read

Explore how malware issues system calls directly, using its own syscall stubs instead of the exported functions in ntdll.dll, so that the user-mode hooks Endpoint Detection and Response (EDR) products place in ntdll never see the call before it reaches the kernel.

Rokibul Islam | Tags: Malware Development, Cybersecurity, Intermediate

Token Manipulation: The Cyber Strategy to Escalate Privileges in Windows
Intermediate 8 min read

Understand Windows access token manipulation, in which an attacker who already holds privileges such as SeImpersonatePrivilege or SeDebugPrivilege duplicates or impersonates the token of a higher-privileged process, typically to run as SYSTEM.

Rokibul Islam | Tags: Privilege Escalation, Windows Security, Intermediate

Best Practices for Active Directory Security
Intermediate 10 min read

Harden Active Directory: tiered admin model, Kerberos hygiene, privileged access, monitoring, and the controls that defeat real attacker tradecraft.

Rania Imran Qadri | Tags: Active Directory, Identity, Windows Security