View Full Version : Blogs Forum
- Armadillo, Nanomites and vectored exception-handling
- Behind Windows x64's 44-bit Virtual Memory Addressing Limit
- Purple Pill: What Happened
- Secrets of the Application Compatilibity Database (SDB) - Part 4
- New Object Manager Filtering APIs
- Vista DRM Issue Aftermath
- Rebooting from Kernel Mode
- Recent Events
- Update on Driver Signing Bypass
- Windows Vista 64-bit Driver Signing/PatchGuard Workaround
- Why Protected Processes Are A Bad Idea
- How I cracked the iTunes 7 DRM, Pt V
- Run-time determination of VC++ 2005 virtual member function addresses
- RCE essentials: PEiD
- Case study: Fraps
- How I cracked the iTunes 7 DRM, Pt III
- DLL injection via CreateRemoteThread
- How I cracked the iTunes 7 DRM, Pt II
- How I cracked the iTunes 7 DRM, Pt I
- Drawing on another Direct3D program's viewport
- How I cracked the iTunes 7 DRM, Pt IV
- Bypassing IsDebuggerPresent
- RDP Botnets : Malware Google Dorking - Not an Easy Task
- Exploring Protocols - Part 1
- MITMing an SSLized Java App
- Exploring Protocols 2: Writing some tools
- Analyzing Mac OS X Applications 101: CrashReporter and Malloc
- Is Win32 A Debugging API? If Not, How Close Is It?
- BinNavi Traces IOS and ScreenOS. It's On, Yo.
- Mystery Vulnerability Theater 3000: Part I
- ridiculous_fish Open-Sources HexFiend!
- Refreshing Change Of Pace: Actual Technical Discussions at Nate's Blog
- Reversing a ZLib-Obfuscated? Network Protocol
- Experimenting with IDA 5.2's scriptable debugger
- PaiMei / PIDA Fun
- Auditing Oracle with Cesar Cerrudo
- Undocumented Windows 2000 Secrets - free pdf edition
- Breaking in DAV RPC INTERFACE : Peripherals
- Decompiler output ctree
- Intrinsic "_ReturnAddress()" C/C++ WTF!
- New face and new concept for the Reverse Code Engineering Video Portal
- Immunity Debugger v1.1 Release
- Immunity Debugger Plugin Awards
- ProcDump Thorough IDB
- Immunity Debugger is now released!
- Hardware Breakpoints : Stature
- Null pointer dereference in win32k
- Mysteries of win32k & GDI - Win32Thread
- For those who miss it: Immunity Debugger v1.2 Release
- Vista Heap, Controlling the Determinism.
- Python + Microsoft Minidumps
- Small PyDBG Enhancements Incoming
- Packet Sniffing With ImmunityDebugger
- Grey Box Web Application Testing With Immunity Debugger
- Visual Patterns for File Format Fuzzing
- Reliability of Pseudo Registers in Bug Tracking
- Dissecting Windows XP Svchost Internals : Traversing Core Parameters
- Stack Unwinding : Reliability Panorama
- Syscall lister
- SpiderPig and The Childs.
- Comming soon! Uber process hooking/detour system!
- An "extra pass" for IDA Pro
- Dancing with exceptions
- Updated APIScan
- Real Time Tracing
- My first entry
- Embedded Portable Executable File
- Another IDA script: Dump section
- Assembly Custom GetProcAddress
- IDA's .IDS Files Part I
- Huh that was cool.
- SpiderPig Memory Tracer
- Just two weeks more
- Gaara Disinfectors
- T2 2006 VM Analysis
- My Training Class
- IDA's .IDS Files Part II
- Future occupation: Archeological reverser?
- Automating analysis with PyDbg
- Interesting primer on Virtualization from VMware
- Mass deface with RFI scanners
- Semi-automatic import recovery
- ExeCryptor's code morphing "technology"
- Why VMware is bad for shareware?
- Komodo Edit 4.2 released
- Visual Basic DllFunctionCall
- A new player in the virtualization arena for Mac
- VMWare Fusion?
- EXPLICATOR?
- Scripting fun
- Adding IDC commands to the out-of-the-box set
- LINUX AT LAST!
- Radio?
- OUTLAW ROOTKITS?
- HELLO!
- Never say never
- OpenRCE?
- Negated structure offsets
- IDA and Microcontrollers
- Hex-Rays SDK is ready!
- Coordinate system for Hex-Rays
- Trunk, Branches, and Leaves
- Finally, good STL replacement?
- Hex-Rays beta testing is open!
- Does 'return' come back?
- Adding cross references
- On batch analysis
- Dynamic coloring
- Very simple custom viewer
- Decompilation gets real
- Video #5 is up.
- Editable Listview control
- IDA plugin: Extract (UnRot13) and analyze
- The Point-R technique
- Doing it without Weird Hacks (tm) is even easier
- imports are easy to fix
- New Video Tutorials website
- Preventing the Exploitation of SEH Overwrites
- Implementing a Customer X86 Encoder
- Effective Bug Discovery
- Wars Within
- Fingerprinting 802.11 Implementations via Statistical Analysis of the Duration Field
- Improving Automated Analysis of Windows x64 Binaries
- Exploiting the Otherwise Non-Exploitable on Windows
- Abusing Mach on Mac OS X
- Exploiting 802.11 Wireless Driver Vulnerabilities on Windows
- Locreate: An Anagram for Relocate
- Subverting PatchGuard Version 2
- Real-time Steganography with RTP
- PatchGuard Reloaded: A Brief Analysis of PatchGuard Version 3
- OS X Kernel-mode Exploitation in a Weekend
- A Catalog of Local Windows Kernel-mode Backdoor Techniques
- Generalizing Data Flow Information
- Reducing the Effective Entropy of GS Cookies
- Memalyze: Dynamic Analysis of Memory Access Behavior in Software
- Mnemonic Password Formulas
- GREPEXEC: Grepping Executive Objects from Pool Memory
- Anti-Virus Software Gone Wrong
- Bypassing PatchGuard on Windows x64
- Annoyances Caused by Unsafe Assumptions
- Mac OS X PPC Shellcode Tricks
- Social Zombies: Aspects of Trojan Networks
- Loop Detection
- Smart Parking Meters
- Post-Exploitation on Windows using ActiveX Controls
- Introduction to Reverse Engineering Win32 Applications
- 802.11 VLANs and Association Redirection
- Bypassing Windows Hardware-enforced DEP
- Temporal Return Addresses
- Windows Kernel-mode Payload Fundamentals
- Analyzing Common Binary Parser Mistakes
- Attacking NTLM with Precomputed Hashtables
- Linux Improvised Userland Schedular Virus
- FUTo
- Thick Clients Gone Wrong
- Inside Blizzard: Battle.net
- Funny API function inside ntdll.dll
- Upack
- Code injection
- How to get the Virtual Address of a PE section with IDA
- Finessing Import REConstructor
- REcon 2005
- Getting around anti-debugger code
- Forcing IDA's "Create function..." on functions containing invalid code
- When the Red Pill is Hard to Swallow
- Unpacking DLLs and Drivers with OllyDbg
- Terms of the Trade
- Circumventing custom SEH
- Using Structure Offsets as Symbolic Constants in IDA
- Advanced Malware Deobfuscation training course at Black Hat
- Using assembly buffers in C++ without using hex-strings
- Loading Drivers in OllyDbg
- Career Shift
- Virus Bulletin 2006
- Function Analysis
- Counting Lines of Source Code
- Investigating Outlook's Single-Instance Restriction (PART 2)
- Investigating Outlook's Single-Instance Restriction (PART 1)
- Stateless Bi-Directional Proxy
- stuffz
- ВМВаре видимо се : vmware detection
- Свету се немодзе угодити
- Making an advanced api redirection more advanced?
- Виртуелно, виртуелно и машински
- Блогујем ја, блогујеш ти....
- Something About Firewall Hooking and Packet Filtering #1
- Hello World
- A Framework for Hash Algorithms Analysis
- Something About Firewall Hooking and Packer Filtering #2
- hm
- Serials and hashing
- A Guide to Decompiler Design - Part 0
- Some words on how to decrypt trojan Ascesso
- First blog entry ever on Woodmann.com!
vBulletin® v3.7.2, Copyright ©2000-2008, Jelsoft Enterprises Ltd.