Press "Enter" to skip to content

Blog Map

Instrumenting Tutorials

Bochs Emulator

Bochs Emulator – Config & Build on Windows and OS X

Bochs Emulator – Debug & Instrument


Build a Simple Pin Tool

Pinitor – An API Monitor Based on Pin  


Getting started with Python and Qt for cross-platform GUI apps  

System Architecture

Thread Scheduling

Fooling Windows about its internal CPU

Inside Windows Page Frame Number (PFN) – Part 1

Inside Windows Page Frame Number (PFN) – Part 2

Call Gates’ Ring Transitioning in IA-32 Mode


Exploring from User-Mode to Kernel-Mode

Import Address Table (IAT) in action

Lack of rechecking permissions in Android

Change User-Mode application’s virtual address through Kernel Debugging

How to get every detail about SSDT, GDT, IDT in a blink of an eye

Kernel Mode Debugging by Windbg

Defeating malware’s Anti-VM techniques (CPUID-Based Instructions)

Why you should not always trust MSDN: Finding Real Access Rights Needed By Handles

Malware And Anti Malware

Defeat Malware’s Dynamic API Loading

A simple c# Trojan Horse example

A New Anti Ransomware Idea


Using Intel’s Streaming SIMD Extensions 3 (MONITOR\MWAIT) As A Kernel Debugging Trick

A partial survey among non-general purpose registers

Assembly Challenge: Jump to a non-relative address without using registers  

x64 Inline Assembly in Windows Driver Kit



Introduction to systemd : Basic Usage and Concepts

Simple OpenLDAP + phpLDAPadmin setup

Bind9 chroot on Debian 8

Useful Configs for Squid3 Cache

PacketScript overview: A Lua scripting engine for in-kernel packet processing


Getting started with Windows Server command line

Active Directory Certificate Services Overview and Migration

Web Server

Useful Configs for NGINX


Cisco IOS and StrongSWAN IPSEC VPN

GRE over IPSec in Cisco IOS

Cisco switch security features cheatsheet


A first look at some aspects of Intel’s “Vanderpool” initiative  

.Net Framework

Detecting CPU Structure in .Net Framework

Get everything from .Net Reflection