PDA

View Full Version : Blogs Forum

Pages : 1 [2] 3 4
  1. Recon2008
  2. Testing debuggers
  3. Kernel debugging with IDA
  4. From simple to complex
  5. Bridge them all
  6. # IDA-Pro 5.4: old bugs on the new streets (was: to download or to not download)
  7. # RE course in Tel-Aviv
  8. Playstation3 / PS3 - Harddisk encryption
  9. S7 airlines is under attack!
  10. # simple OllyScript for upx
  11. # Baghdad - dead alive breakpoints
  12. # PatchDiff => Hex-Rays => WinDiff: how to analyze patches faster
  13. Class Informer IDA plug-in
  14. Windows 7 syscall list
  15. IDA v5.4 release is not that far away
  16. Windows 7 kernel structures
  17. # shell-codes analysis: where is EP?
  18. x64 SEH & Explorer Suite Update
  19. # FreeLibrary bug becomes a PE packers bug
  20. San-Francisco - the place to meet
  21. # MS VC - challenge for PE packers
  22. Unpinning Imported .dll's
  23. # 3 lines C-prog hurts MS VC
  24. # chilly suspicions of new win32 bug
  25. Malware: Unpacking Waledac
  26. # dynamic TLS callbacks instead of SEH
  27. # IDA-Pro and simple (E)SP hack
  28. # GetProcessDEPPolicy for XP/XP SP2
  29. NtSetDebugFilterState as Anti-Dbg Trick
  30. # TLS callbacks w/o USER32 (part III)
  31. # TLS callbacks w/o USER32 (part II)
  32. # another EnableTracing() bug
  33. how powerful IDA Script might be
  34. # IDA-Pro EnableTracing() - how not to do
  35. IDA and TLS callbacks
  36. # DS/FS is under hardware breakpoints
  37. # XP/S2K3 fails to process TLS w/o USER32
  38. blog was moved
  39. Guidelines to MFC reversing
  40. IOCTL-Proxy
  41. Dynamic C++ Proposal
  42. Command line version of OSR's DeviceTree
  43. Backdoor.Win32.UltimateDefender Reverse Engineering
  44. Switch as Binary Search, Part 1
  45. Switch as Binary Search, Part 0
  46. Qt Internals & Reversing
  47. CVE-2006-5758: better late than ever
  48. Malware and initial stack pointer value
  49. Shared object injection on linux/unix
  50. Bagle.W IDB
  51. Trojan.Zhelatin.pk
  52. Hotpatching MS08-067
  53. Analyzing local privilege escalations in win32k
  54. Exploiting Tomorrow's Internet Today: Penetration testing with IPv6
  55. Can you find me now? Unlocking the Verizon Wireless xv6800 (HTC Titan) GPS
  56. VbPython 1.2a
  57. examples of the syllabuses
  58. Using dual-mappings to evade automated unpackers
  59. Interesting Kernel32 Constant
  60. On Analysis of Client-Server Software Applications
  61. Analyzing Malicious PDF's
  62. The Wild World of VoIP
  63. RE-courses/conferences schedule
  64. custom gpa spy
  65. Debugger Detection Via NtSystemDebugControl
  66. POP SS and Debuggers
  67. Fighting Oreans' VM (code virtualizer flavour)
  68. PEiD imports parsing DoS
  69. Nucleus Framework
  70. SoftICE and KDExtensions
  71. IDA2PAT Reloaded
  72. Black Hat 2008 Wrap-up
  73. Part 2: Introduction to Optimization
  74. Part 3: Optimizing and Compiling
  75. Part 1: Bytecode and IR
  76. VMProtect, Part 0: Basics
  77. Inside DeleteFiber() as Anti Debug Trick
  78. Something different part 3, or not quite different
  79. Why hooking system services is more difficult (and dangerous) than it looks
  80. Inside SetUnhandledExceptionFilter
  81. Small Devices & RCE
  82. IDA on iPhone
  83. SymbolFinder
  84. Sun VirtualBox Disassembler Explantation
  85. CartellaUnicaTasse.exe Italian Malware RCE Analysis
  86. Why is secure development so important?
  87. pde/pte softice plugin
  88. Funny coded malware
  89. antisptd
  90. IceProbe - SoftIce Command Tracer
  91. build rule for x64 asm
  92. nonintrusive tracer on x64
  93. My "Unofficial" ReCon Video
  94. Strong-Name Signing, AdmiralDebilitate v0.1
  95. IDA Pro Development Environment
  96. Control Flow Deobfuscation Part 3
  97. Vmware snapshot and SSDT
  98. Phoenix Protector 1.3.0.1
  99. .NET Internals and Native Compiling
  100. Fujitsu 3D Shock Sensor Application Reversing
  101. An Introduction To .NET Reversing
  102. IDA and vmread/vmwrite x64
  103. Intel VT and cpuid break
  104. Downloader.Win32.Small or Win32/PolyCrypt Reversing
  105. #773: bug in IDA-Pro [fails to debug zero-based PE]
  106. "Function String Associate" IDA Plug-in
  107. # old CD 03 bug in windows
  108. # thinking in IDA Pro - how to obtain a copy
  109. # bug in Process Explorer (a gift for malware)
  110. # other solutions: how to load two or more files into the same IDA-Pro database
  111. # how to load two or more files into single IDA Pro database
  112. # Syser causes BSOD
  113. # eternal life, ammo, scores in games
  114. # free IDA-Pro training
  115. # turbo-import [stealth anti-api-monitors style]
  116. # bug in Olly, Windows behavior and Peter Ferrie
  117. .NET Internals and Code Injection
  118. D3DLookingGlass v0.1
  119. DisasMSIL and CFF Explorer
  120. Retsaot is Toaster, Reversed: Quick 'n Dirty Firmware Reversing
  121. My next 2 articles
  122. A brief discussion of Windows Vista’s IE Protected Mode (and user/process level secur
  123. Rebel.NET
  124. Integer overflow
  125. Control Flow Deobfuscation Part 2
  126. Programming against the x64 exception handling support, part 1: Definitions for x64 v
  127. Frame pointer omission (FPO) optimization and consequences when debugging, part 2
  128. Frame pointer omission (FPO) optimization and consequences when debugging, part 1
  129. The kernel object namespace and Win32, part 3
  130. The kernel object namespace and Win32, part 2
  131. Debugger tricks: API call logging, the quick’n'dirty way (part 3)
  132. The kernel object namespace and Win32, part 1
  133. Programming against the x64 exception handling support, part 2: A description of the
  134. Programming against the x64 exception handling support, part 3: Unwind internals (Rtl
  135. Programming against the x64 exception handling support, part 4: Unwind internals (Rtl
  136. Programming against the x64 exception handling support, part 5: Collided unwinds
  137. Programming against the x64 exception handling support, part 6: Frame consolidation u
  138. Programming against the x64 exception handling support, part 7: Putting it all togeth
  139. Debugger tricks: API call logging, the quick’n'dirty way (part 1)
  140. Debugger tricks: API call logging, the quick’n'dirty way (part 2)
  141. Few words about Kraken
  142. Introduction to x64 debugging, part 1
  143. Introduction to x64 debugging, part 2
  144. Introduction to x64 debugging, part 3
  145. Introduction to x64 debugging, part 4
  146. Introduction to x64 debugging, part 5
  147. x64 Debugging Review
  148. Using SDbgExt to aid your debugging and reverse engineering efforts (part 1).
  149. SDbgExt extensions - part 2.
  150. Useful WinDbg commands: .formats
  151. Debugger commands review
  152. Useful debugger commands: .writemem and .readmem
  153. SDbgExt 1.09 released (support for displaying x64 EH data)
  154. Debugger flow control: More on breakpoints (part 2)
  155. Removing kernel patching on the fly with the kernel debugger
  156. Beware of stack usage with the new network stack in Windows Vista
  157. Remote debugging with process servers (dbgsrv)
  158. Reverse debugging -server and -remote
  159. Win32 calling conventions: __thiscall in assembler
  160. Overview of WinDbg remote debugging
  161. Win32 calling conventions: __stdcall in assembler
  162. Win32 calling conventions: Concepts
  163. Remote debugging with kdsrv.exe
  164. Remote debugging review
  165. Win32 calling conventions: __fastcall in assembler
  166. Activating process servers and connecting to them
  167. Ollydbg v1.10 and 6E/6F/A6 opcodes, a little oversight
  168. Securing -server and -remote remote debugging sessions
  169. Remote debugging with -server and -remote
  170. Remote debugging with KD and NTSD
  171. Remote debugging with remote.exe
  172. Win32 calling conventions: Usage cases
  173. Win32 calling conventions: __cdecl in assembler
  174. Tracing Over System Calls In OllyDbg
  175. DynLogger
  176. Some functions are neater than the decompiler thinks
  177. Self-modifying TLS callbacks
  178. Symbian debugger
  179. Trojan-PSW.Win32.OnLineGames.eos Reversing
  180. Compiler 1, X86 Virtualizer 0
  181. IDA disasms reserved opcodes, is it a bug?
  182. Weird export forwarding thanks to Vista x64 SP1
  183. Symbian AppTRK
  184. Inside Session 0 Isolation and the UI Detection Service - Part 2
  185. Process Memory Dumper for Credentials Disclosure Vulns
  186. Cross Your T's and Dot Your Filenames
  187. Hello Symbian!
  188. (Part 2 of .NET native exe insights)Serial fishing and patching .NET exes with Ollydb
  189. Rebuilding native .NET exes into managed .NET exes by Exploiting lefotver IL...
  190. Some Quick Insights Into Native .NET exe's (part 1 of?)
  191. Reverse Engineering Position- TS/SCI Required
  192. Symbol Type Viewer 32Bit/64Bit v1.0.0.3
  193. Inside Session 0 Isolation and the UI Detection Service - Part 1
  194. Non-continuable exception trick
  195. Something different part 2
  196. New Hex-Rays Demo
  197. Different versions of Windows kernel structures
  198. gee mail patented algorithm
  199. Pythonic way
  200. Running Win32 program ASAP after Nt boot
  201. hm
  202. Re: RtlRemoteCall
  203. Alignment check
  204. Working? with protected processes in NT 6
  205. Microsoft's Rich Signature (undocumented)
  206. Tricky jump tables
  207. Reverse Engineering the flash virtual machine
  208. Collaborative RCE Tool Library (CRCETL) site update
  209. Two Extensions added into Collaborative RCE
  210. Why does every heap trace in UMDH get stuck at "malloc"?
  211. SoftICE Installation.
  212. Easy structure types
  213. Eeye BinDiffing Trick
  214. Industrial-Grade Binary-Only Profiling and Coverage
  215. Refreshing the Taskbar Notification Area
  216. Idc script and stack frame variables length
  217. Shellcode Analysis
  218. Array Indexing Quirk
  219. SpyShredder Malware Spammed on OpenRCE
  220. MRXDAV.SYS and Hex-Rays Decompiler
  221. Shellcoding on Windows: Part II - Stack Overflow Problems
  222. Updated ExtraPass plug-in 2.1, and APIScan
  223. dr7.gd on mp systems running sice
  224. PE Validator Script
  225. Thread Optimization Checks : Code Prominence
  226. Run-time determination of VC++ virtual member function addresses: Take II
  227. Immunity Debugger v1.4
  228. Debugger and process memory
  229. KeGetCurrentIrql can't return HIGH_LEVEL
  230. aMSN Input Validation Error
  231. Direct3D 9 Hook v1.1
  232. Jump tables
  233. Something different
  234. Shellcoding on Windows: Part I
  235. An Objective Analysis of the Lockdown Protection System for Battle.net
  236. ActiveX - Active Exploitation
  237. Improving Software Security Analysis using Exploitation Properties
  238. Context-keyed Payload Encoding
  239. FPU Tracer v0.0.1 released
  240. .NET unpackme
  241. softice nmi hook
  242. ScTagQuery: Mapping Service Hosting Threads With Their Owner Service
  243. Virtual Machine detection method cd.
  244. Old new Virtual Machine detection method.
  245. Compiler Optimizations Regarding Structures
  246. HP printer and cpu at 100%
  247. Again on Visual Basic
  248. Binary Search in Large-Scale Structure Recovery
  249. GUID-Finder IDA Plug-in
  250. Explorer Suite III (CFF Explorer VII)