
Bind9 chroot on Debian 8

Shahriar 0

From Wikipedia: BIND, or named, is the most widely used Domain Name System (DNS) software on the Internet. On Unix-like operating systems it is the de facto standard. As you know, chrooting a process is very beneficial for security, as any compromise cannot have an effect on the whole system. But be aware that escaping from a chroot is not impossible, and therefore it should not be used as your only security measure on a production DNS resolver. Chrooting Bind is simple, however there…

Change User-Mode application’s virtual address through Kernel Debugging

Sina Karvandi 1

Well, it’s a somewhat odd topic, but it could be really helpful in some situations. So what are the situations? Imagine you need to access Windows stuff that isn’t available from user-mode debuggers like OllyDbg or through user-mode debugging (e.g. memory after 0x7fffffff). In my experience, I have seen cases where protectors make a sophisticated check to find any debugger in memory and then change their approach to stop the reverser from reversing the rest of the code. In…

How to get every detail about SSDT, GDT, IDT in a blink of an eye

Sina Karvandi 0

A few days ago I was looking for something to show me the SSDT and GDT (which are really important in malware analysis because most rootkits are interested in hooking and changing these tables).
• SSDT (System Service Descriptor Table)
• GDT (Global Descriptor Table)
• IDT (Interrupt Descriptor Table)
They’re really important tables in OSes; for example, the SSDT is something like the IAT (Import Address Table) in user-mode applications, which holds pointers to exported functions of all…

Useful Configs for Squid3 Cache

Shahriar 0

Hi everyone! After searching the web so many times and testing different configurations of Squid, I have found these minimal working configs which you can use to achieve the features you want from Squid3 Cache (which is really robust and powerful, btw). Read more for config…

A New Anti Ransomware Idea

Sina Karvandi 0

In the last few days, I was asked to give a new idea for creating an anti-ransomware and now I wanna share my idea and source code. The full source code is available at: https://github.com/SinaKarvandi/Redemption-Anti-Ransomware/

Introduction

With the rise of computers in this century, and as they are largely used in transferring and storing sensitive data, ransomware is a big danger which can compromise everything in the blink of an eye and cause huge loss of data or money, according…