Windows OS
Fixing DLL exports for DLL hijacking (DLL proxy)
In this post we will discuss ways to export functions from your DLL for DLL hijacking. Exporting functions | DLL Proxy
Includes topics about different malware attacks and their analysis on Linux and Windows systems. You will learn how to analyze them dynamically or statically and detect them using different tools.
Exploit Development
A newly discovered symbolic link attack in many antivirus products can cause arbitrary file deletion. In this blog, we will discuss how to create the exploit and mitigate it.
Malware
In this part we will discuss advanced as well as miscellaneous questions for malware analysis interviews. Even if you are already an experienced researcher, these questions can still be helpful for learning something new.
Firmware
LoJax is the first rootkit in the wild that tries to write a UEFI module into the system's SPI flash memory. You can analyse your system's default BIOS/UEFI protection against such malware, which we will discuss in this article.
Malware
Here are a few more important questions with detailed answers for malware analysis interviews. The topics covered in this part are dynamic analysis, static analysis and debugging.
Malware
Here are a few more important questions with detailed answers for malware analysis interviews. The topics covered in this part are OS concepts, programming, assembly language and dynamic analysis.
Malware
Here is a series of important questions with detailed answers for malware analysis interviews. These questions can be helpful for both candidates and interviewers.
Malware
In this part we will do the static analysis of the Tofsee dropper. Tofsee is a spambot category of malware used to send spam messages to different SMTP mail servers and to perform click fraud.
Malware
Tofsee is a spambot category of malware used to send spam messages to different SMTP mail servers and to perform click fraud. In this part we will do the dynamic analysis of the Tofsee dropper.
Rootkits
Windows uses different object structures for different purposes such as I/O management, process management, etc. These structures are vulnerable to different attacks, which we are going to discuss in this series.