Virtualization
Developing hypervisor from scratch: Part 2 - VMXON Operation
In this article series you are going to learn how to develop your own hypervisor for virtualization in linux ecosystem. In this part we will execute VMXON operation.
Shubham Dubey
Besides being a Linux & Open source advocate, I spent most of my time in working on low level security stuff(Reversing, Rootkits, Bios, negative rings etc).
Virtualization
Developing hypervisor from scratch: Part 1 - Intro and Setup
In this article series you are going to learn how to develop your own hypervisor for virtualization in linux ecosystem. Also this series will help to learn low level virtualization.
Firmware
Getting processor information using cpuid instruction and inline assembly
cpuid is a processor specific instruction used to get processor's information and features. In this post we are going to learn how to extract those information using inline assembly in c.
Reverse engineering
What's at 1st sector/MBR of hard disk(MBR Forensics)
MBR have lots of details about the hard disk or other storage disk which can be used for forensics purposes. In this article we will analyze the MBR's 512 bytes of data and try to interpret it.
Firmware
Analyse default BIOS protection of your system against LoJax: UEFI rootkit
LoJax is first rootkit in the wild that try to write a UEFI module into system's SPI Flash Memory. You can analyse your system's default BIOS/UEFI protection against such malware which we will discuss in this article.
Malware
Malware analysis interview questions with detailed answers (Part 3)
Here are few more important questions with detailed answers for malware analysis interview. Topic covers in this part is Dynamic analysis, static analysis and debugging.
Exploit Development
Exploiting buffer overflow in Windows application through TextBox using only Alphanumeric payload
Lets look at how to exploit seh based buffer overflow in WIndows GUI application that have input restrictions of supporting only ascii characters as input.
Malware
Malware analysis interview questions with detailed answers (Part 2)
Here are few more important questions with detailed answers for malware analysis interview. Topic covers in this part is OS concepts, Programming, Assembly language and Dynamic analysis.
Malware
Malware analysis interview questions with detailed answers (Part 1)
Here is a series of important questions with detailed answers for malware analysis interviews. These question can be helpful for both candidates and interviewers.
Malware
Deep dive into Tofsee spambot(Win32:Tofsee-J) malware dropper-2
In this part we will do the static analysis of dropper of tofsee .Tofsee is a spambot categorie of malware used to send spam messages, click fraud to different smtp mail server.
Malware
Deep dive into Tofsee spambot(Win32:Tofsee-J) malware dropper-1
Tofsee is a spambot categorie of malware used to send spam messages, click fraud to different smtp mail server. In this part we will do the dynamic analysis of dropper of tofsee.
Rootkits
Understanding Windows DKOM(Direct Kernel Object Manipulation) techniques(Part 1-EPROCESS)
Windows uses different Objects structures for different purposes like io-management, process management etc. These structures are vulnerable to different attacks which we will going to discuss in this series.