BPF Map Poisoning: Attacking the EDR from the Inside

July 6, 2026 · 10 min · 0xMatheuZ

Trend Micro Deep Security Agent Research: Forcing bmhook/tmhook Reloads to Open a Protection Bypass Window

June 3, 2026 · 24 min · 0xMatheuZ

Breaking eBPF Security: How Kernel Rootkits Blind Observability Tools

February 9, 2026 · 16 min · 0xMatheuZ

Ioctl Secrets Writeup

November 9, 2025 · 5 min · 0xMatheuZ

Evading Elastic Security: Linux Rootkit Detection Bypass

October 30, 2025 · 20 min · 0xMatheuZ