Archives

2022

• 13 06 HyperDbg’s One Thousand and One Nights

2020

• 24 03 Hypervisor From Scratch – Part 8: How To Do Magic With Hypervisor!
• 20 01 Hypervisor From Scratch – Part 7: Using EPT & Page-Level Monitoring Features

2019

• 09 12 Reversing Windows Internals (Part 1) - Digging Into Handles, Callbacks & ObjectTypes
• 06 06 Why you should not always trust MSDN: Finding Real Access Rights Needed By Handles
• 25 02 Hypervisor From Scratch – Part 6: Virtualizing An Already Running System
• 09 02 PacketScript overview: A Lua scripting engine for in-kernel packet processing
• 15 01 Call Gates' Ring Transitioning in IA-32 Mode

2018

• 16 12 Hypervisor From Scratch – Part 5: Setting up VMCS & Running Guest Code
• 07 12 VmcsAuditor - A Bochs-Based Hypervisor Layout Checker
• 19 10 Start linux kernel module development!
• 05 10 Hypervisor From Scratch – Part 4: Address Translation Using Extended Page Table (EPT)
• 15 09 Hypervisor From Scratch – Part 3: Setting up Our First Virtual Machine
• 08 09 Using Intel's Streaming SIMD Extensions 3 (MONITOR MWAIT) As A Kernel Debugging Trick
• 03 09 Hypervisor From Scratch – Part 2: Entering VMX Operation
• 31 08 A Tour of Mount in Linux
• 21 08 Hypervisor From Scratch - Part 1: Basic Concepts & Configure Testing Environment
• 16 08 x64 Inline Assembly in Windows Driver Kit
• 07 08 Inside Windows Page Frame Number (PFN) – Part 2
• 20 07 Cisco switch security features cheatsheet
• 19 07 Inside Windows Page Frame Number (PFN) - Part 1
• 15 07 Captive portal detection with a working sample in all major OSs!
• 13 06 Defeating malware's Anti-VM techniques (CPUID-Based Instructions)
• 26 05 PyKD Tutorial - part 2
• 25 05 PyKD Tutorial - part 1
• 25 05 Active Directory Certificate Services Overview and Migration
• 27 04 Bochs Emulator - Debug & Instrument
• 18 04 Bochs Emulator - Config & Build on Windows and OS X
• 07 04 A partial survey among non-general purpose registers
• 06 04 Introduction to systemd : Basic Usage and Concepts
• 06 03 Useful Configs for NGINX
• 06 03 Assembly Challenge : Jump to a non-relative address without using registers
• 18 01 A first look at some aspects of Intel's "Vanderpool" initiative
• 09 01 Build a Simple Pin Tool

2017

• 19 12 Pinitor - An API Monitor Based on Pin
• 18 12 Getting started with Python and Qt for cross-platform GUI apps
• 11 11 Detecting CPU Structure in .Net Framework
• 10 11 Getting started with Windows Server command line
• 31 10 Get everything from .Net Reflection
• 01 10 Fooling Windows about its internal CPU
• 29 09 Simple OpenLDAP + phpLDAPadmin setup
• 17 09 GRE over IPSec in Cisco IOS
• 17 09 Cisco IOS and StrongSWAN IPSEC VPN
• 02 09 Exploring from User-Mode to Kernel-Mode
• 22 08 Defeat Malware's Dynamic API Loading
• 11 04 Lack of rechecking permissions in Android
• 11 04 Import Address Table (IAT) in action
• 03 04 Bind9 chroot on debian 8
• 02 04 Change User-Mode application's virtual address through Kernel Debugging
• 01 04 How to get every detail about SSDT , GDT , IDT in a blink of an eye
• 21 03 Useful Configs for Squid3 Cache
• 20 03 A New Anti Ransomware Idea
• 19 03 Kernel Mode Debugging by Windbg
• 19 03 Hello World !