Instrumenting Tutorials
Bochs Emulator
Bochs Emulator – Config & Build on Windows and OS X
Bochs Emulator – Debug & Instrument
Pintool
Pinitor – An API Monitor Based on Pin
Programming
Getting started with Python and Qt for cross-platform GUI apps
System Architecture
Fooling Windows about its internal CPU
Inside Windows Page Frame Number (PFN) – Part 1
Inside Windows Page Frame Number (PFN) – Part 2
Call Gates’ Ring Transitioning in IA-32 Mode
Reverse-Engineering
Exploring from User-Mode to Kernel-Mode
Import Address Table (IAT) in action
Lack of rechecking permissions in Android
Change User-Mode application’s virtual address through Kernel Debugging
How to get every detail about SSDT, GDT, IDT in a blink of an eye
Kernel Mode Debugging by WinDbg
Defeating malware’s Anti-VM techniques (CPUID-Based Instructions)
Why you should not always trust MSDN: Finding Real Access Rights Needed By Handles
Malware And Anti Malware
Defeat Malware’s Dynamic API Loading
A simple C# Trojan Horse example
Assembly
Using Intel’s Streaming SIMD Extensions 3 (MONITOR\MWAIT) As A Kernel Debugging Trick
A partial survey among non-general purpose registers
Assembly Challenge: Jump to a non-relative address without using registers
x64 Inline Assembly in Windows Driver Kit
SysAdmin
*nix
Introduction to systemd : Basic Usage and Concepts
Simple OpenLDAP + phpLDAPadmin setup
Useful Configs for Squid3 Cache
PacketScript overview: A Lua scripting engine for in-kernel packet processing
Windows
Getting started with Windows Server command line
Active Directory Certificate Services Overview and Migration
Web Server
Cisco
Cisco IOS and strongSwan IPsec VPN
Cisco switch security features cheatsheet
Hypervisor
A first look at some aspects of Intel’s “Vanderpool” initiative