Blogs Forum
- Recon 2010: Intro to Embedded Reverse Engineering for PC reversers
- PAPER: Security Mitigations for Return-Oriented Programming Attacks
- Dataflow-0.2.0 released. New: in memory fuzzing means
- RELEASE: SMB2 REMOTE EXPLOIT (VISTA SP1/SP2) + HACKTRO
- IDAQ: The result of 7 months at Hex-Rays
- Dynamic Binary Code and Data Flow Analysis Instrumentation.
- Handy debugger tricks: Setting osloader options on a per-boot basis
- Windows CSRSS Write Up: Inter-process Communication (part 2/3)
- Blog customization, old PHP advisories
- Implementing command completion for IDAPython
- Kernel debugger vs user mode exceptions
- Windows CSRSS Write Up: Inter-process Communication (part 1/3)
- Attacking the Host via Remote Kernel Debugger (Virtual Machines)
- Running scripts from the command line with idascript
- Windows CSRSS Write Up: the basics (part 1/1)
- IDA Pro 5.7 highlights
- A quick insight into the Driver Signature Enforcement
- Extending IDC and IDAPython
- PatchDiff2 Analysis and Decompilation
- [WinInternals] Reverse Engineering of kdbgctrl - How Kernel Triage Dumps Are Built
- CONFidence 2010 is over
- UI and scripting improvements
- The Future of Disassembling - Cloud OS
- ARM decompiler beta is coming
- Windows CSRSS cross-version API Table
- Kernel debugging with IDA Pro / Windbg plugin and VirtualKd
- Debugging the Debugger - Reversing kldbgdrv.sys and Potential Usages
- Book Review: The Art of Assembly Language, 2nd Edition
- Windows Kernel Vulnerabilities continued – details
- CTcpFwd – cross-platform stdin/out to socket forwarding class
- Windows Kernel Vulnerabilities release (Hispasec research)
- A Filemaker Story
- Environment variable editor
- Scriptable plugins
- Using custom viewers from IDAPython
- Preview of the new cross-platform IDA Pro GUI
- Compiler Optimizations for Reverse Engineers
- Custom data types and formats
- Abusing alignment code for anti-sandboxing purposes
- Scriptable Processor modules
- My first month at Hex-Rays
- Great News!
- New IDC improvement in IDA Pro 5.6
- RCE, A New Exciting and Strange World
- Rootkit Agent.adah Anatomy and Executables Carving via Cryptoanalytical Approach
- Hex-Rays against Aurora
- Practical Appcall examples
- "Descriptor tables in kernel exploitation" - a new article
- Advanced Signature Writing via FuzzyHashing
- Introducing the Appcall feature in IDA Pro 5.6
- Debugging ARM code snippets in IDA Pro 5.6 using QEMU emulator
- PDF file loader to extract and analyse shellcode
- x86 Kernel Memory Space Visualization (KernelMAP v0.0.1)
- Code release: C-subset compiler in Objective Caml
- VinE's OCaml Programming Tricks: Explicit Continuation-Passing Style
- DNAScan Malicious Network Activity Reverse Engineering
- Hex-Rays Plugin Contest
- Win32k.SYS system call table
- KiTrap06(#UD)
- Using MATLAB and Mathcad for solving (mesh current) equations.
- Unexported SSDT functions finding method
- Elevation of Privilege DLL Patcher
- Hex-Rays is hiring
- Filter Monitor 1.0.1
- Hex-Rays Decompiler primer
- Structure Recovery as Counter-Example Guided Abstraction Refinement
- Controlling Windows process list, part 1
- TV set, furniture, a small Fiat
- SEH Graph
- SMB2: 351 Packets from the Trampoline released!
- 351 Packets from the Trampoline
- TraceHook v0.0.2
- Device Drivers Vulnerability Research, Avast a real case
- Finding instructions
- An attempt to reconstruct the call stack
- VMware CloudBurst - VMware Guest to Host Escape Exploit
- C++ Method Constness
- Develop your master boot record and debug it with IDA Pro and the Bochs debugger plug
- Code Release page
- Viewer for driver dispatch tables
- Binary-Auditing Solutions.
- Process termination issues
- Recent conferences’ reports
- DllMain and its uncovered possibilities
- The incoming SecDay conference
- Suspending processes in Windows, part 1
- TraceHook v0.0.1 release
- Hello world!
- Extending Total Commander with some minor functionality
- "Client" Unit Tests(some fun ones..)Indirect RtlCreateUserThread hooking..
- Several Common Ways That Viruses Spread
- VMware ring3 detection (RF handling)
- Javascript for IDA Pro
- Sorry it's taking so long on the next release of source..
- Casts are bad
- (In My fucked up way Of thinking...)
- # faked Adobe PDF.SWF exploit on milw0rm
- # weakness of PAGE_GUARD or new Windows bug (XP/Vista 32/64 SP1)
- placing a "hotpatch" where it doesn't belong..
- why Opcode0x90's "dll Injection shield" fails against RtlCreateUserThread
- Pwnie Awards Nominees!!!
- Bypassing Csrss's hold on Terminating Win32Threads..
- Aslan (4514N) - Binary Code Integrator - Okaeri
- If I had a nickel for every time I had a nickel, I'd have TWO NICKELS
- Dynamic Data Flow Analysis via Virtual Code Integration (aka The SpiderPig case)
- PAPER: Generic Unpacking of Self-modifying, Aggressive, Packed Binary Programs
- Kon-Boot for USB and some news
- Some graphs
- PAPER: Evading network-level emulation
- Generic unpacking paper revision
- Incoming...
- Blah
- SpiderPig and The Childs.
- SpiderPig Memory Tracer
- Presenting Kon-Boot v1.0
- # IDA-Pro steals RIP - introduction in relative addressing
- User-mode debugger with SoftICE UI
- # MS DirectShow MPEG2 (msvidctl.dll) worm was fired out!
- # IDA-Pro//BOCHSDBG plug-in bug: lack of 16bit support
- CallOutRecaptureRoutine and the changes it made
- # Xcon2009: passive non-resident root-kits
- VMprotect VM_logic (in v1.8 demo)
- # die Vista, die or why DEADDEEF is alive?
- A snippet of time.. ;) unedited ..
- # IDA-Pro 5.5 has been updated, fixed - Bochs plug-in unaligned PE bug
- # San-Francisco - A Dream Came True
- Native Blocks Pre-Alpha
- Server Handle Table Functions.
- Ideas and concepts: behind the Sin32 Subsystem
- Bare Bone Client
- Ruby for Pentesters - The Dark Side I: Ragweed
- Server Thread Recycling (Beginnings..)
- Current QuickLPC Client
- Current QuickLPC Server Implementation
- Function call graph plugin sample
- My first blog post.(plans for my blog)
- IDA Pro 5.5 and Hex-Rays 1.1 have been released!
- psusp
- Windows 7 RC syscalls
- # a bomb from McAfee (a nasty one)
- IDA Pro 5.5 goes alpha
- VMprotect VM_logic (in v1.8 demo)
- Matasano PFI (as seen on TV!)
- Using CreatePipe to detect and thwart Emulating Sandboxes and AV emulators
- EventPair Reversing, EventPairHandle as Anti-Dbg Trick
- Decompiling floating point
- IDA v5.4 demo
- RtlQueryProcessHeapInformation as Anti-Dbg Trick
- RtlQueryProcessDebugInformation as Anti-Dbg Trick
- Found what is that "long mode segmentation"
- Updated "Class Informer" plug-in
- Debugger tricks: Find all probable CONTEXT records in a crash dump
- Anti-Emulation Tricks
- InfoSec Institute's RE Course
- Examining kernel stacks on Vista/Srv08 using kdbgctrl -td
- VC++ asm intrinsics
- Ruby for Pen-Testers: Announcing Ruby Black Bag
- Netsons killed my Website
- DirectSound Capture With Deviare
- Understanding the kernel address space on 32-bit Windows Vista
- Recovering a process from a hung debugger
- Advanced Windows Kernel Debugging with VMWare and IDA's GDB debugger
- # I’m on my way to South Africa
- # self-replicated processes
- # JL/JGE Intel CPU bug as anti-reversing trick
- # Olly Plug-ins and MS VC
- # Olly loads Olly to bypass anti-attach tricks /* Clerk's trick */
- # anti-attach: BaseThreadStartThunk => NO_ACCESS
- # zombie slam
- # Process Explorer - bloody hell of indefinite waiting bugs
- # NtRequestWaitReplyPort abuses IDA-Pro
- # PRNG based on REP STOS
- # attach to me? if you can (part II)
- # self-overwritten REP STOS/MOVS, IDA-Pro 5.4 and Ko
- # try to attach to me? if you can!
- Mr. Bachaalany joins Hex-Rays
- The IDA Pro book
- BITS used as a covert channel
- Bochs Emulator and IDA?
- IDA Pro has 9 debugger modules
- IDA and MIPS
- Bochs plugin goes alpha
- Blackhat USA 2008
- Apple's variant of ptrace()
- Recon2008
- Testing debuggers
- From simple to complex
- Kernel debugging with IDA
- Bridge them all
- # IDA-Pro 5.4: old bugs on the new streets (was: to download or to not download)
- # RE course in Tel-Aviv
- Playstation3 / PS3 - Harddisk encryption
- # simple OllyScript for upx
- S7 airlines is under attack!
- # PatchDiff => Hex-Rays => WinDiff: how to analyze patches faster
- # Baghdad - dead alive breakpoints
- Class Informer IDA plug-in
- Windows 7 syscall list
- IDA v5.4 release is not that far away
- Windows 7 kernel structures
- # shell-codes analysis: where is EP?
- x64 SEH & Explorer Suite Update
- # FreeLibrary bug becomes a PE packers bug
- San-Francisco - the place to meet
- # MS VC - challenge for PE packers
- Unpinning Imported .dll's
- # chilly suspicions of new win32 bug
- # 3 lines C-prog hurts MS VC
- Malware: Unpacking Waledac
- # dynamic TLS callbacks instead of SEH
- # IDA-Pro and simple (E)SP hack
- # GetProcessDEPPolicy for XP/XP SP2
- NtSetDebugFilterState as Anti-Dbg Trick
- # TLS callbacks w/o USER32 (part III)
- # TLS callbacks w/o USER32 (part II)
- # another EnableTracing() bug
- how powerful IDA Script might be
- # IDA-Pro EnableTracing() - how not to do
- IDA and TLS callbacks
- # XP/S2K3 fails to process TLS w/o USER32
- # DS/FS is under hardware breakpoints
- blog was moved
- Guidelines to MFC reversing
- IOCTL-Proxy
- Dynamic C++ Proposal
- Command line version of OSR's DeviceTree
- Backdoor.Win32.UltimateDefender Reverse Engineering
- Switch as Binary Search, Part 1
- Switch as Binary Search, Part 0
- Qt Internals & Reversing
- CVE-2006-5758: better late than ever
- Malware and initial stack pointer value
- Shared object injection on linux/unix
- Bagle.W IDB
- Trojan.Zhelatin.pk
- Hotpatching MS08-067
- On Analysis of Client-Server Software Applications
- Analyzing local privilege escalations in win32k
- Exploiting Tomorrow's Internet Today: Penetration testing with IPv6
- Can you find me now? Unlocking the Verizon Wireless xv6800 (HTC Titan) GPS
- VbPython 1.2a
- examples of the syllabuses
- Using dual-mappings to evade automated unpackers
- Interesting Kernel32 Constant
- Analyzing Malicious PDFs
- The Wild World of VoIP
- RE-courses/conferences schedule
- custom gpa spy
- Debugger Detection Via NtSystemDebugControl
- POP SS and Debuggers