From 24b93c98f5ba6f445fc784fa97f3e3b0395a276e Mon Sep 17 00:00:00 2001 From: WindowsAddict Date: Fri, 28 Mar 2025 05:46:29 +0530 Subject: Update docs --- blog/2024-09-06-Keyhole/index.md | 3 +-- blog/2025-02-14-TSforge/index.md | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) (limited to 'blog') diff --git a/blog/2024-09-06-Keyhole/index.md b/blog/2024-09-06-Keyhole/index.md index 739c9f4..234dc4f 100644 --- a/blog/2024-09-06-Keyhole/index.md +++ b/blog/2024-09-06-Keyhole/index.md @@ -11,7 +11,7 @@ image: /img/blog_card.png # Keyhole By WitherOrNot -Edited by May, Lyssa, & SpCreatePackaedLicense +Edited by May, Lyssa ## Introduction @@ -174,7 +174,6 @@ The research covered in this blogpost was made possible by the following people/ - May - Initial discovery, testing, reverse engineering - asdcorp - Testing, reverse engineering - - SpCreatePackaedLicense - Testing, reverse engineering, bugfix analysis - WitherOrNot - Tool development, testing, reverse engineering, bugfix analysis - emoose, LukeFZ - License Block format documentation - KiFilterFiberContext - ClipSp unpacking diff --git a/blog/2025-02-14-TSforge/index.md b/blog/2025-02-14-TSforge/index.md index db8813c..04e74c3 100644 --- a/blog/2025-02-14-TSforge/index.md +++ b/blog/2025-02-14-TSforge/index.md 
@@ -100,7 +100,7 @@ From all of this work, we learned the following things: - The trusted store's data is held in encrypted files - This data is somehow linked with seemingly encrypted registry keys under `HKLM\SYSTEM\WPA` -Unfortunately, we didn't know much more than this for quite a long time. My work on deobfuscating both [older](https://github.com/UMSKT/peacestone) and [newer](https://github.com/WitherOrNot/warbird-docs) versions of sppsvc helped us in confirming some of our theories, but without an understanding of `spsys.sys`, they didn't contribute much. In the meantime, SpCreatePackaedLicense built an automated version of the CID trick, using a custom kernel driver to patch sppsvc without adjusting its [protected process](https://www.alex-ionescu.com/why-protected-processes-are-a-bad-idea/) status, which helped greatly with testing CID trick. +Unfortunately, we didn't know much more than this for quite a long time. My work on deobfuscating both [older](https://github.com/UMSKT/peacestone) and [newer](https://github.com/WitherOrNot/warbird-docs) versions of sppsvc helped us in confirming some of our theories, but without an understanding of `spsys.sys`, they didn't contribute much. In the meantime, we built an automated version of the CID trick, using a custom kernel driver to patch sppsvc without adjusting its [protected process](https://www.alex-ionescu.com/why-protected-processes-are-a-bad-idea/) status, which helped greatly with testing CID trick. ![image](./assets/tsf/miieow1.png) @@ -249,7 +249,6 @@ Even with the amount of damage we were able to do to SPP with a debugger and a h #### Other Contributions -- SpCreatePackaedLicense - Tool development, testing - May - Code formatting, build setup #### Special Thanks -- cgit v1.2.3
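Review bot: In the Keyhole byline hunk (@@ -11,7 +11,7), the new line "Edited by May, Lyssa" reads like a truncated list now that only two names remain. The old line already used an ampersand before its last name, so "Edited by May & Lyssa" would keep the byline consistent with how it was written before.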
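Review bot: The subject line "Update docs" gives no reason for the credits entry dropped in the Keyhole hunk at @@ -174,7 +174,6, which listed testing, reverse engineering and bugfix analysis. Removing a contributor credit is a change readers of the history will want explained, so the commit message should say why the entry is going away instead of filing it under a generic docs update.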
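Review bot: In the TSforge hunk at @@ -100,7 +100,7, the replacement line still ends with "which helped greatly with testing CID trick", missing the article that the same sentence uses a few words earlier ("an automated version of the CID trick"). Since the whole line is being rewritten anyway, change the ending to "testing the CID trick". The new subject "we built" also follows directly after "My work on deobfuscating", so it is worth checking that the switch from first person singular to plural in adjacent sentences is intended.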
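Review bot: In the TSforge hunk at @@ -249,7 +249,6, deleting the "Tool development, testing" entry leaves "May - Code formatting, build setup" as the only visible item under "Other Contributions", while the @@ -100,7 hunk in the same file now attributes the automated CID trick and its custom kernel driver to "we". Check that the remaining credits in the post still account for that tooling work, or reword one of the two places so the body text and the credits section agree.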