Rayanfam Blog
https://rayanfam.com/
We write about Windows Internals, Hypervisors, Linux, and Networks.
Updated: 2023-10-08T09:16:43+00:00
Generator: Jekyll
© 2023 Rayanfam Blog

Building Silicon Dreams: An Adventure in Hardware Design
Published: 2023-10-07T00:00:00+00:00
Updated: 2023-10-08T09:16:09+00:00
https://rayanfam.com/topics/hardware-design-stack/
Authors: Sina Karvandi, Saleh Khalaj Monfared (https://twitter.com/Intel80x86)

Story Time
Exploring the internals of processors has long been a fascination of mine. After spending a lot of time experiencing different processor features like hypervisor and configuring different x86 MSRs, I was seeking to find a way of knowing how exactly these concepts and configurations are made and how they work on the silicon. Initially, my knowledge of hardware design was limited t...

HyperDbg’s One Thousand and One Nights
Published: 2022-06-13T00:00:00+00:00
Updated: 2022-06-15T06:45:18+00:00
https://rayanfam.com/topics/hyperdbg-one-thousand-and-one-nights/
Authors: Saleh Monfared, and Mohammad Sina Karvandi (https://twitter.com/sal3hh)

This post is a different one, in that, it is more of an overview, rather than a technical post. Here, we provide a high-level summary of HyperDbg Debugger, its principles, and perspective.

Introduction
HyperDbg is an open-source, hypervisor-assisted debugger that can be used to debug both user-mode and kernel-mode applications. The closest similar product available to HyperDbg is WinDbg. Hy...

Hypervisor From Scratch – Part 8: How To Do Magic With Hypervisor!
Published: 2020-03-24T00:00:00+00:00
Updated: 2022-04-13T21:12:10+00:00
https://rayanfam.com/topics/hypervisor-from-scratch-part-8/
Author: Mohammad Sina Karvandi (https://twitter.com/Intel80x86)

Introduction
Hi guys, Welcome to the 8th part of the Hypervisor From Scratch. If you reach here, then you probably finished reading the 7th part, and personally, I believe the 7th part was the most challenging part to understand so hats off, you did a great job. The 8th part would be an exciting part as we’ll see lots of real-world and practical examples of solving reverse-engineering rela...

Hypervisor From Scratch – Part 7: Using EPT & Page-Level Monitoring Features
Published: 2020-01-20T00:00:00+00:00
Updated: 2022-04-13T21:12:10+00:00
https://rayanfam.com/topics/hypervisor-from-scratch-part-7/
Author: Mohammad Sina Karvandi (https://twitter.com/Intel80x86)

Introduction
This is the 7th part of the tutorial Hypervisor From Scratch, and it’s about using the Extended Page Table (EPT) in an already running system. As you might know, paging is an essential part of managing memory on modern operating systems. Hypervisors use an additional paging table; this gives us an excellent opportunity to monitor different aspects of memory (Read-Write-Execute) ...

Reversing Windows Internals (Part 1) - Digging Into Handles, Callbacks & ObjectTypes
Published: 2019-12-09T00:00:00+00:00
Updated: 2022-06-16T22:15:54+00:00
https://rayanfam.com/topics/reversing-windows-internals-part1/
Author: Mohammad Sina Karvandi (https://twitter.com/Intel80x86)

Introduction
Welcome to the first part of a series of posts about Exploring & Reversing Windows Concepts and Internals. If you reach here then you’re probably a security researcher or a programmer and this post and similar posts can help you understand what’s going on in some parts of Windows when you use objects with different users and credentials and what you can expect from Windows a...