PDA

View Full Version : Blogs Forum


Pages : 1 2 [3] 4

  1. Beware of stack usage with the new network stack in Windows Vista
  2. Activating process servers and connecting to them
  3. Remote debugging with process servers (dbgsrv)
  4. Reverse debugging -server and -remote
  5. Win32 calling conventions: __thiscall in assembler
  6. Overview of WinDbg remote debugging
  7. Win32 calling conventions: __stdcall in assembler
  8. Win32 calling conventions: Concepts
  9. Remote debugging with kdsrv.exe
  10. Remote debugging review
  11. Win32 calling conventions: __fastcall in assembler
  12. Ollydbg v1.10 and 6E/6F/A6 opcodes, a little oversight
  13. Securing -server and -remote remote debugging sessions
  14. Remote debugging with -server and -remote
  15. Remote debugging with KD and NTSD
  16. Remote debugging with remote.exe
  17. Win32 calling conventions: Usage cases
  18. Win32 calling conventions: __cdecl in assembler
  19. Tracing Over System Calls In OllyDbg
  20. DynLogger
  21. Some functions are neater than the decompiler thinks
  22. Self-modifying TLS callbacks
  23. Symbian debugger
  24. Trojan-PSW.Win32.OnLineGames.eos Reversing
  25. Compiler 1, X86 Virtualizer 0
  26. IDA disasms reserved opcodes, is it a bug?
  27. Weird export forwarding thanks to Vista x64 SP1
  28. Symbian AppTRK
  29. Inside Session 0 Isolation and the UI Detection Service - Part 2
  30. Process Memory Dumper for Credentials Disclosure Vulns
  31. Cross Your T's and Dot Your Filenames
  32. Hello Symbian!
  33. (Part 2 of .NET native exe insights)Serial fishing and patching .NET exes with Ollydb
  34. Rebuilding native .NET exes into managed .NET exes by Exploiting lefotver IL...
  35. Some Quick Insights Into Native .NET exe's (part 1 of?)
  36. Reverse Engineering Position- TS/SCI Required
  37. Symbol Type Viewer 32Bit/64Bit v1.0.0.3
  38. Non-continuable exception trick
  39. Inside Session 0 Isolation and the UI Detection Service - Part 1
  40. Something different part 2
  41. New Hex-Rays Demo
  42. Different versions of Windows kernel structures
  43. gee mail patented algorithm
  44. Pythonic way
  45. Working? with protected processes in NT 6
  46. Alignment check
  47. Re: RtlRemoteCall
  48. hm
  49. Running Win32 program ASAP after Nt boot
  50. Microsoft's Rich Signature (undocumented)
  51. Tricky jump tables
  52. Reverse Engineering the flash virtual machine
  53. Collaborative RCE Tool Library (CRCETL) site update
  54. Two Extensions added into Collaborative RCE
  55. Why does every heap trace in UMDH get stuck at "malloc"?
  56. SoftICE Installation.
  57. Easy structure types
  58. Eeye BinDiffing Trick
  59. Industrial-Grade Binary-Only Profiling and Coverage
  60. Refreshing the Taskbar Notification Area
  61. Idc script and stack frame variables length
  62. Shellcode Analysis
  63. SpyShredder Malware Spammed on OpenRCE
  64. Array Indexing Quirk
  65. MRXDAV.SYS and Hex-Rays Decompiler
  66. Shellcoding on Windows: Part II - Stack Overflow Problems
  67. Updated ExtraPass plug-in 2.1, and APIScan
  68. dr7.gd on mp systems running sice
  69. PE Validator Script
  70. Thread Optimization Checks : Code Prominence
  71. Run-time determination of VC++ virtual member function addresses: Take II
  72. Immunity Debugger v1.4
  73. Debugger and process memory
  74. KeGetCurrentIrql can't return HIGH_LEVEL
  75. aMSN Input Validation Error
  76. Direct3D 9 Hook v1.1
  77. Jump tables
  78. Something different
  79. Shellcoding on Windows: Part I
  80. ActiveX - Active Exploitation
  81. Context-keyed Payload Encoding
  82. Improving Software Security Analysis using Exploitation Properties
  83. An Objective Analysis of the Lockdown Protection System for Battle.net
  84. FPU Tracer v0.0.1 released
  85. .NET unpackme
  86. softice nmi hook
  87. ScTagQuery: Mapping Service Hosting Threads With Their Owner Service
  88. Virtual Machine detection method cd.
  89. Old new Virtual Machine detection method.
  90. Compiler Optimizations Regarding Structures
  91. HP printer and cpu at 100%
  92. Binary Search in Large-Scale Structure Recovery
  93. Again on Visual Basic
  94. GUID-Finder IDA Plug-in
  95. Explorer Suite III (CFF Explorer VII)
  96. Reversity Speech and Logs Available
  97. Control Flow Deobfuscation Part 1
  98. Dvd movie and easter egg
  99. A catalog of NTDLL kernel mode to user mode callbacks, part 5: KiUserCallbackDispatch
  100. Thread Local Storage, part 2: Explicit TLS
  101. Thread Local Storage, part 3: Compiler and linker support for implicit TLS
  102. Thread Local Storage, part 4: Accessing __declspec(thread) data
  103. Thread Local Storage, part 5: Loader support for __declspec(thread) variables (proces
  104. Thread Local Storage, part 6: Design problems with the Windows Server 2003 (and earli
  105. Thread Local Storage, part 7: Windows Vista support for __declspec(thread) in demand
  106. Thread Local Storage, part 8: Wrap-up
  107. How does one retrieve the 32-bit context of a Wow64 program from a 64-bit process on
  108. Viridian guest hypercall interface published
  109. Why are certain DLLs required to be at the same base address system-wide?
  110. A catalog of NTDLL kernel mode to user mode callbacks, part 1: Overview
  111. A catalog of NTDLL kernel mode to user mode callbacks, part 2: KiUserExceptionDispatc
  112. A catalog of NTDLL kernel mode to user mode callbacks, part 3: KiUserApcDispatcher
  113. A catalog of NTDLL kernel mode to user mode callbacks, part 4: KiRaiseUserExceptionDi
  114. Thread Local Storage, part 1: Overview
  115. The optimizer has different traits between the x86 and x64 compilers
  116. Compiler tricks in x86 assembly: Ternary operator optimization
  117. A catalog of NTDLL kernel mode to user mode callbacks, part 6: LdrInitializeThunk
  118. Reversing the V740, part 4: Implementing a solution
  119. Common WinDbg problems and solutions
  120. Fast kernel debugging for VMware, part 1: Overview
  121. Fast kernel debugging for VMware, part 2: KD Transport Module Interface
  122. Fast kernel debugging for VMware, part 3: Guest to Host Communication Overview
  123. Fast kernel debugging for VMware, part 5: Bridging the Gap to DbgEng.dll
  124. Fast kernel debugging for VMware, part 6: Roadmap to Future Improvements
  125. VMKD 1.1.1.7 released
  126. I tend to prefer debugging with release builds instead of debug builds.
  127. The default invalid parameter behavior for the VC8 CRT doesnâ??t break into the debug
  128. Why doesn't the publicly available kernrate work on Windows x64? (and how to fix it
  129. Reversing the V740, part 1: Rationale
  130. Reversing the V740, part 2: Digging deeper: The connection manager software
  131. Reversing the V740, part 3: The V740 abstraction layer module
  132. Fast kernel debugging for VMware, part 4: Communicating with the VMware VMM
  133. More packer analysis
  134. Packer analysis
  135. Debugging a custom unhandled exception filter
  136. Collaborative RCE Tool Library contents so far
  137. ImageRemCert - Removes certificate from PE image.
  138. CommWarrior.B Thorough IDB (ARM/C++)
  139. MemInfo: Peer Inside Memory Manager Behavior on Windows Vista and Server 2008
  140. dr7.gd - dr6 saving
  141. Better user interface for decompiler
  142. The Windows Vista Issue
  143. Weird Code: CCs On The Stack
  144. Windbg “dt” output converter
  145. MmGetSystemRoutineAddress : forwards on vista
  146. Traversing Offset Semantics : Walking Along the Curb
  147. The Collaborative RCE Tool Library
  148. syscall fuzzer
  149. The secret project finally revealed...
  150. Site Relaunch
  151. A framework to take the tedium out of code-injection in C++
  152. Beware of int 2c instruction
  153. IDC scripting a Win32.Virut variant - Part 1
  154. IDC scripting a Win32.Virut variant - Part 2
  155. Nanomites by Deroko
  156. Hang problem due to Hooking Curb in Codes.
  157. Vaughn Of The Dead Pt III: Some small-fry
  158. Armadillo, Nanomites and vectored exception-handling
  159. Recent Events
  160. Update on Driver Signing Bypass
  161. Windows Vista 64-bit Driver Signing/PatchGuard Workaround
  162. Behind Windows x64's 44-bit Virtual Memory Addressing Limit
  163. Purple Pill: What Happened
  164. Secrets of the Application Compatilibity Database (SDB) - Part 4
  165. Why Protected Processes Are A Bad Idea
  166. New Object Manager Filtering APIs
  167. Vista DRM Issue Aftermath
  168. Rebooting from Kernel Mode
  169. How I cracked the iTunes 7 DRM, Pt V
  170. Run-time determination of VC++ 2005 virtual member function addresses
  171. RCE essentials: PEiD
  172. Case study: Fraps
  173. How I cracked the iTunes 7 DRM, Pt III
  174. DLL injection via CreateRemoteThread
  175. Drawing on another Direct3D program's viewport
  176. Bypassing IsDebuggerPresent
  177. How I cracked the iTunes 7 DRM, Pt I
  178. How I cracked the iTunes 7 DRM, Pt II
  179. How I cracked the iTunes 7 DRM, Pt IV
  180. RDP Botnets : Malware Google Dorking - Not an Easy Task
  181. Is Win32 A Debugging API? If Not, How Close Is It?
  182. Reversing a ZLib-Obfuscated? Network Protocol
  183. Exploring Protocols 2: Writing some tools
  184. Exploring Protocols - Part 1
  185. MITMing an SSLized Java App
  186. Analyzing Mac OS X Applications 101: CrashReporter and Malloc
  187. Refreshing Change Of Pace: Actual Technical Discussions at Nate's Blog
  188. Mystery Vulnerability Theater 3000: Part I
  189. ridiculous_fish Open-Sources HexFiend!
  190. BinNavi Traces IOS and ScreenOS. It's On, Yo.
  191. Experimenting with IDA 5.2's scriptable debugger
  192. Undocumented Windows 2000 Secrets - free pdf edition
  193. Auditing Oracle with Cesar Cerrudo
  194. PaiMei / PIDA Fun
  195. Breaking in DAV RPC INTERFACE : Peripherals
  196. Decompiler output ctree
  197. Intrinsic "_ReturnAddress()" C/C++ WTF!
  198. New face and new concept for the Reverse Code Engineering Video Portal
  199. Small PyDBG Enhancements Incoming
  200. Packet Sniffing With ImmunityDebugger
  201. Grey Box Web Application Testing With Immunity Debugger
  202. Visual Patterns for File Format Fuzzing
  203. Reliability of Pseudo Registers in Bug Tracking
  204. Python + Microsoft Minidumps
  205. Dissecting Windows XP Svchost Internals : Traversing Core Parameters
  206. Stack Unwinding : Reliability Panorama
  207. An "extra pass" for IDA Pro
  208. Hardware Breakpoints : Stature
  209. Comming soon! Uber process hooking/detour system!
  210. My Training Class
  211. Vista Heap, Controlling the Determinism.
  212. For those who miss it: Immunity Debugger v1.2 Release
  213. Immunity Debugger v1.1 Release
  214. Updated APIScan
  215. Embedded Portable Executable File
  216. Real Time Tracing
  217. My first entry
  218. Another IDA script: Dump section
  219. Assembly Custom GetProcAddress
  220. IDA's .IDS Files Part I
  221. IDA's .IDS Files Part II
  222. ProcDump Thorough IDB
  223. T2 2006 VM Analysis
  224. Syscall lister
  225. Mysteries of win32k & GDI - Win32Thread
  226. Null pointer dereference in win32k
  227. Immunity Debugger is now released!
  228. Immunity Debugger Plugin Awards
  229. Dancing with exceptions
  230. Future occupation: Archeological reverser?
  231. Automating analysis with PyDbg
  232. Interesting primer on Virtualization from VMware
  233. Mass deface with RFI scanners
  234. Semi-automatic import recovery
  235. ExeCryptor's code morphing "technology"
  236. Why VMware is bad for shareware?
  237. Radio?
  238. Komodo Edit 4.2 released
  239. Visual Basic DllFunctionCall
  240. A new player in the virtualization arena for Mac
  241. VMWare Fusion?
  242. HELLO!
  243. OUTLAW ROOTKITS?
  244. LINUX AT LAST!
  245. Adding IDC commands to the out-of-the-box set
  246. Scripting fun
  247. EXPLICATOR?
  248. On batch analysis
  249. Dynamic coloring
  250. Does 'return' come back?