<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Windows on NTNINJA</title><link>https://ntninja.com/categories/windows/</link><description>Recent content in Windows on NTNINJA</description><generator>Hugo -- gohugo.io</generator><language>en</language><copyright>© 2026 Ryan Johnson</copyright><lastBuildDate>Thu, 12 Feb 2026 01:00:00 +0000</lastBuildDate><atom:link href="https://ntninja.com/categories/windows/index.xml" rel="self" type="application/rss+xml"/><item><title>WEDP 1.0.0-rc1 and dbgeng-mcp 0.1.0</title><link>https://ntninja.com/posts/wedp-and-dbgeng-mcp-releases/</link><pubDate>Thu, 12 Feb 2026 01:00:00 +0000</pubDate><guid>https://ntninja.com/posts/wedp-and-dbgeng-mcp-releases/</guid><description>&lt;p&gt;Quick update on two projects that have been getting a lot of my attention lately.&lt;/p&gt;

&lt;h2 class="relative group"&gt;WEDP 1.0.0-rc1
 &lt;div id="wedp-100-rc1" class="anchor"&gt;&lt;/div&gt;
 
 
&lt;/h2&gt;
&lt;p&gt;&lt;a href="https://ntninja.com/wedp/" &gt;WEDP (Windows Exploit Development Plugin)&lt;/a&gt; has hit its first release candidate.
If you are not familiar with it, WEDP is a native WinDbg extension I built for exploit development workflows.
It provides ROP/SEH/stack-pivot gadget search, cyclic pattern utilities, module protection enumeration, inline assembly, and a bunch of other stuff you would normally need multiple tools for.
I wrote a &lt;a href="https://ntninja.com/posts/windbg-mcp-with-wedp/" &gt;post&lt;/a&gt; recently on using it with an MCP server and that really pushed me to clean things up and get a proper release out.&lt;/p&gt;</description></item><item><title>WinDBG MCP with WEDP</title><link>https://ntninja.com/posts/windbg-mcp-with-wedp/</link><pubDate>Fri, 06 Feb 2026 09:00:00 -0500</pubDate><guid>https://ntninja.com/posts/windbg-mcp-with-wedp/</guid><description>&lt;p&gt;I have been late to the game with adopting GenAI into my workflow, but we are at full steam now.
I have slowly been adding it into my daily routines to see where I can gain efficiency leveraging this new tech.
One of the big areas I am playing with right now is for writing Windows-based CTF challenges, and now in the past few days, seeing how I can leverage GenAI for writing POCs for these new challenges.
In this post we are going to walk through my initial setup for using the &lt;a href="https://github.com/NadavLor/windbg-ext-mcp" target="_blank" rel="noreferrer"&gt;WinDbg EXT MCP&lt;/a&gt; to control a WinDbg instance that has the extension I wrote a long time ago, &lt;a href="https://gitlab.com/ntninja-dev/windows-exploit-development/wedp" target="_blank" rel="noreferrer"&gt;WEDP (Windows Exploit Development Plugin)&lt;/a&gt;, to improve the process of going from crash to POC.&lt;/p&gt;</description></item><item><title>Installing Exchange 2019 on Server 2019 for Lab</title><link>https://ntninja.com/posts/install-exchange2k19-server2k19/</link><pubDate>Sat, 08 Oct 2022 09:00:00 -0500</pubDate><guid>https://ntninja.com/posts/install-exchange2k19-server2k19/</guid><description>&lt;p&gt;Right off the bat, if you are looking for resources on how to set up or manage Exchange in a production environment, then stop reading; this installation was purely for a lab environment to practice red team techniques and play with some recent exploits.&lt;/p&gt;
&lt;p&gt;As someone with 0 training in Windows administration, getting Exchange working in my lab has been a long and painful experience.
It ended up just taking a lot of research to find a website with a walkthrough that finally worked for me to get a basic setup.
I will admit that I don't fully understand exactly what every command is completing in the setup process, but it's not really necessary for my use cases.
This 5-part guide from &lt;a href="https://www.nucleustechnologies.com/blog/important-points-to-consider-before-installation/" target="_blank" rel="noreferrer"&gt;nucleus technologies&lt;/a&gt; is what I followed for the most part and has much more detail, but I will add some additional links for dependencies to get everything in one place.&lt;/p&gt;</description></item><item><title>rundll... more like fundll</title><link>https://ntninja.com/posts/rundll-fundll/</link><pubDate>Sun, 25 Sep 2022 09:00:00 -0500</pubDate><guid>https://ntninja.com/posts/rundll-fundll/</guid><description>&lt;p&gt;Have you ever written a DLL that had standalone functionality and wasn&amp;rsquo;t meant to be used as a library?
Considering that library is in the name, this idea seems contrary to what a library should be.
Well, you can thank Microsoft for providing a way to execute standalone functionality from a DLL.
Not only did they do that, they also provide DLLs with functionality that you need this utility to run!!!
Say hello to rundll32, pronounced run dull all smashed as one word in some circles.&lt;/p&gt;</description></item></channel></rss>