Sina & Shahriar's Blog - An aggressive out-of-order blog...

Hypervisor From Scratch – Part 8: How To Do Magic With Hypervisor!

Introduction Hi guys, Welcome to the 8th part of the Hypervisor From Scratch. If you reach here, then you probably finished reading the 7th part, and personally, I believe the…
Read more
Hypervisor From Scratch – Part 7: Using EPT & Page-Level Monitoring Features

Introduction This is the 7th part of the tutorial Hypervisor From Scratch, and it’s about using the Extended Page Table (EPT) in an already running system. As you might know,…
Read more
Reversing Windows Internals (Part 1) – Digging Into Handles, Callbacks & ObjectTypes

Introduction Welcome to the first part of a series of posts about Exploring & Reversing Windows Concepts and Internals. If you reach here then you’re probably a security researcher or…
Read more
Why you should not always trust MSDN: Finding Real Access Rights Needed By Handles

Introduction Hi guys, The title of this topic is somehow weird, if you think everything in MSDN is 100% match with what Microsoft implemented in Windows (like what I used…
Read more
Hypervisor From Scratch – Part 6: Virtualizing An Already Running System

Introduction Hello and welcome to the 6th part of the tutorial Hypervisor From Scratch. In this part, I try to give you an idea of how to virtualize an already…
Read more

Featured

Hypervisor From Scratch – Part 8: How To Do Magic With Hypervisor!

Published March 24, 2020 by Sina Karvandi

Hypervisor From Scratch – Part 8: How To Do Magic With Hypervisor!

Introduction Hi guys, Welcome to the 8th part of the Hypervisor From Scratch. If you reach here, then you probably finished reading the 7th part, and personally, I believe the…

Hypervisor From Scratch – Part 7: Using EPT & Page-Level Monitoring Features

Published January 20, 2020 by Sina Karvandi

Hypervisor From Scratch – Part 7: Using EPT & Page-Level Monitoring Features

Introduction This is the 7th part of the tutorial Hypervisor From Scratch, and it’s about using the Extended Page Table (EPT) in an already running system. As you might know,…

Reversing Windows Internals (Part 1) – Digging Into Handles, Callbacks & ObjectTypes

Published December 9, 2019 by Sina Karvandi

Reversing Windows Internals (Part 1) – Digging Into Handles, Callbacks & ObjectTypes

Introduction Welcome to the first part of a series of posts about Exploring & Reversing Windows Concepts and Internals. If you reach here then you’re probably a security researcher or…

Why you should not always trust MSDN: Finding Real Access Rights Needed By Handles

Published June 6, 2019 by Sina Karvandi

Why you should not always trust MSDN: Finding Real Access Rights Needed By Handles

Introduction Hi guys, The title of this topic is somehow weird, if you think everything in MSDN is 100% match with what Microsoft implemented in Windows (like what I used…

Hypervisor From Scratch – Part 6: Virtualizing An Already Running System

Published February 25, 2019 by Sina Karvandi

Hypervisor From Scratch – Part 6: Virtualizing An Already Running System

Introduction Hello and welcome to the 6th part of the tutorial Hypervisor From Scratch. In this part, I try to give you an idea of how to virtualize an already…