Research Projects

BitUnlocker: Leveraging Windows Recovery to Extract BitLocker Secrets

• Co-Researcher: Netanel Ben Simon 

• Presented at:

  • Black Hat USA 2025

  • DEF CON 33 (2025)

• Vulnerabilities presented:

  • CVE-2025-48818 (CVSS 6.8) - BitLocker Security Feature Bypass Vulnerability

  • CVE-2025-48804 (CVSS 6.8) - BitLocker Security Feature Bypass Vulnerability

  • CVE-2025-48800 (CVSS 6.8) - BitLocker Security Feature Bypass Vulnerability

  • CVE-2025-48003 (CVSS 6.8) - BitLocker Security Feature Bypass Vulnerability

• Research Paper: BitUnlocker

• Pwnie Award Nominations:

  • Nominated for the “Most Innovative Research” award in 2025’s Pwnie Awards Ceremony

  • Nominated for the “Best Desktop Bug” award in 2025’s Pwnie Awards Ceremony

Windows Downdate: Downgrade Attacks Using Windows Updates

• Presented at:

  • Black Hat USA 2024 - Video

  • DEF CON 32 (2024) - Video

• Featured at:

  • Forbes

  • Fox News

  • The Washington Post

  • WIRED

  • and more

• Vulnerabilities found:

  • CVE-2024-38202 (CVSS 7.3) - Windows Update Stack Elevation of Privilege Vulnerability

  • CVE-2024-21302 (CVSS 6.7) - Windows Secure Kernel Mode Elevation of Privilege Vulnerability

• Research Paper: Windows Downdate

• Tool: Windows Downdate

• Pwnie Award Nomination: Nominated for the “Most Epic Achievement” award in 2024’s Pwnie Awards Ceremony

The Pool Party You Will Never Forget: New Process Injection Techniques Using Windows Thread Pools

• Presented at:

  • Black Hat Europe 2023 - Video

  • CanSecWest 2024 - Video

  • CONFidence 2024 - Video

• Featured at:

  • The Hacker News

  • Security Week

  • SC Media

  • and more

• Research Paper: Pool Party

• Tool: Pool Party

An Update on Windows Downdate

• Featured at:

  • Forbes

  • Dark Reading

  • The Hacker News

  • BleepingComputer

  • and more

• Research Paper: An Update on Windows Downdate