Windows OS Peeling Back the Layers: Understanding Windows Component Architecture through SAC/EMS Reversing In this article we explore the inner workings of how SAC (the Special Administration Console, reached over EMS, the Emergency Management Services channel) operates. Along the way you will get a better understanding of the low-level Windows components involved and of what to expect when you reverse them yourself. By Shubham Dubey 6 Sep 2024
Reverse engineering Remote debugging a Windows kernel driver (without symbols) using WinDbg In this post we go through a few tips and tricks for debugging a Windows kernel driver in WinDbg when no symbols are available. By Shubham Dubey 2 Jul 2021
Exploit Development Impact of the x64 calling convention on format string exploitation In this post I give a brief look at how format string exploitation differs on 64-bit, where the calling convention passes the first arguments in registers rather than on the stack, so the first few format specifiers do not read stack memory at all. By Shubham Dubey 20 Oct 2020
Malware Malware analysis interview questions with detailed answers (Part 4) In this part we discuss advanced and miscellaneous questions for a malware analysis interview. Even if you are already an experienced researcher, these questions may still teach you something new. By Shubham Dubey 26 Dec 2019
Firmware Getting processor information using the cpuid instruction and inline assembly cpuid is an x86 instruction that returns identification and feature information about the processor. In this post we learn how to extract that information using inline assembly in C. By Shubham Dubey 19 Jul 2019
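As an added example (not code from the post above), the following C program queries CPUID through GCC/Clang inline assembly and decodes the result: leaf 0 gives the vendor string and the highest supported basic leaf, leaf 1 gives the feature bits. The function names (cpuid_raw, cpuid_vendor_from_regs, cpuid_has_bit) are this example's own. The inline asm only compiles on x86 targets; elsewhere cpuid_raw reports failure, while the decoding helpers still work on captured register values.

```c
/* Added example: query CPUID with inline assembly and decode the registers.
 * Helper names are this example's own, not from the original post. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

struct cpuid_regs { uint32_t eax, ebx, ecx, edx; };

/* Execute CPUID for leaf/subleaf. Returns 1 on x86, 0 on other targets
 * (where the registers are zeroed instead). */
static int cpuid_raw(uint32_t leaf, uint32_t subleaf, struct cpuid_regs *r)
{
#if defined(__x86_64__) || defined(__i386__)
    __asm__ __volatile__("cpuid"
                         : "=a"(r->eax), "=b"(r->ebx), "=c"(r->ecx), "=d"(r->edx)
                         : "a"(leaf), "c"(subleaf));
    return 1;
#else
    (void)leaf; (void)subleaf;
    memset(r, 0, sizeof *r);
    return 0;
#endif
}

/* Leaf 0 stores the 12-byte vendor string across EBX, EDX, ECX (in that
 * order), low byte first within each register. Bytes are extracted
 * explicitly so this works regardless of host endianness. */
static void cpuid_vendor_from_regs(uint32_t ebx, uint32_t edx, uint32_t ecx,
                                   char out[13])
{
    uint32_t parts[3] = { ebx, edx, ecx };
    for (int i = 0; i < 3; i++)
        for (int b = 0; b < 4; b++)
            out[i * 4 + b] = (char)((parts[i] >> (8 * b)) & 0xff);
    out[12] = '\0';
}

/* Test a single feature bit of a CPUID output register. */
static int cpuid_has_bit(uint32_t reg, unsigned bit)
{
    return (int)((reg >> bit) & 1u);
}

int main(void)
{
    struct cpuid_regs r0, r1, r7;
    char vendor[13];

    if (!cpuid_raw(0, 0, &r0)) {
        puts("not an x86 CPU; cpuid unavailable");
        return 0;
    }
    cpuid_vendor_from_regs(r0.ebx, r0.edx, r0.ecx, vendor);
    printf("vendor: %s, highest basic leaf: %u\n", vendor, r0.eax);

    /* Leaf 1: EAX = family/model/stepping, EDX/ECX = feature flags
     * (EDX bit 26 = SSE2, ECX bit 28 = AVX, ECX bit 5 = VMX). */
    cpuid_raw(1, 0, &r1);
    printf("version word: 0x%08x  SSE2=%d AVX=%d VMX=%d\n", r1.eax,
           cpuid_has_bit(r1.edx, 26), cpuid_has_bit(r1.ecx, 28),
           cpuid_has_bit(r1.ecx, 5));

    /* Leaf 7 subleaf 0: EBX bit 7 = SMEP, bit 20 = SMAP (kernel-hardening
     * features worth knowing about before writing a kernel exploit). */
    if (r0.eax >= 7) {
        cpuid_raw(7, 0, &r7);
        printf("SMEP=%d SMAP=%d\n", cpuid_has_bit(r7.ebx, 7),
               cpuid_has_bit(r7.ebx, 20));
    }
    return 0;
}
```

The "=b" constraint is what makes the asm statement tell the compiler that EBX is written; forgetting it is the usual source of silent corruption in hand-written cpuid wrappers. The bit positions quoted in the comments are the architectural ones from the Intel SDM and AMD APM.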
Reverse engineering What's in the first sector/MBR of a hard disk (MBR Forensics) The MBR holds a lot of detail about a hard disk or other storage device (bootstrap code, the disk signature, the four-entry partition table and the 0x55AA boot signature) that can be used for forensic purposes. In this article we analyze the MBR's 512 bytes and interpret them. By Shubham Dubey 22 Nov 2018
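As an added example (not code from the article above), here is a small C parser for the classic MBR layout: bytes 440-443 hold the disk signature, bytes 446-509 the four 16-byte partition entries, and bytes 510-511 the 0x55 0xAA boot signature. The 512-byte image it parses is constructed for this example (one bootable Linux partition), not taken from a real disk, and the struct and function names are this example's own.

```c
/* Added example: parse the partition table and signatures of a 512-byte MBR.
 * Struct/function names are this example's own; the sample image is constructed. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MBR_SIZE            512
#define MBR_DISK_SIG_OFF    440
#define MBR_PART_TABLE_OFF  446
#define MBR_PART_ENTRY_SIZE 16

struct mbr_partition {
    uint8_t  bootable;     /* 0x80 = active/bootable, 0x00 = inactive */
    uint8_t  type;         /* type id: 0x83 Linux, 0x07 NTFS/exFAT, 0xEE GPT protective */
    uint32_t lba_start;    /* first sector (little-endian in the image) */
    uint32_t sector_count; /* length in sectors */
};

struct mbr_info {
    uint32_t disk_signature;  /* Windows uses this to identify the disk */
    int valid_signature;      /* 1 if bytes 510/511 are 0x55 0xAA */
    struct mbr_partition part[4];
};

static uint32_t rd_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Returns 0 on success, -1 if the image is shorter than one sector.
 * The legacy CHS fields (entry bytes 1-3 and 5-7) are ignored; modern
 * tooling relies on the LBA fields. */
static int mbr_parse(const uint8_t *img, size_t len, struct mbr_info *out)
{
    if (len < MBR_SIZE) return -1;
    memset(out, 0, sizeof *out);
    out->disk_signature = rd_le32(img + MBR_DISK_SIG_OFF);
    out->valid_signature = (img[510] == 0x55 && img[511] == 0xAA);
    for (int i = 0; i < 4; i++) {
        const uint8_t *e = img + MBR_PART_TABLE_OFF + i * MBR_PART_ENTRY_SIZE;
        out->part[i].bootable     = e[0];
        out->part[i].type         = e[4];
        out->part[i].lba_start    = rd_le32(e + 8);
        out->part[i].sector_count = rd_le32(e + 12);
    }
    return 0;
}

/* Constructed sample: disk signature 0x12345678 and one bootable Linux
 * partition at LBA 2048 (the usual 1 MiB alignment), 204800 sectors long. */
static void build_sample_mbr(uint8_t img[MBR_SIZE])
{
    uint8_t *e = img + MBR_PART_TABLE_OFF;
    memset(img, 0, MBR_SIZE);
    img[440] = 0x78; img[441] = 0x56; img[442] = 0x34; img[443] = 0x12;
    e[0] = 0x80;                                            /* bootable   */
    e[4] = 0x83;                                            /* Linux      */
    e[8]  = 0x00; e[9]  = 0x08; e[10] = 0x00; e[11] = 0x00; /* LBA 2048   */
    e[12] = 0x00; e[13] = 0x20; e[14] = 0x03; e[15] = 0x00; /* 204800 sec */
    img[510] = 0x55; img[511] = 0xAA;
}

int main(void)
{
    uint8_t img[MBR_SIZE];
    struct mbr_info m;

    build_sample_mbr(img);
    if (mbr_parse(img, sizeof img, &m) != 0) return 1;
    printf("disk signature 0x%08x, boot signature %s\n",
           m.disk_signature, m.valid_signature ? "valid" : "MISSING");
    for (int i = 0; i < 4; i++) {
        if (m.part[i].type == 0) continue;          /* empty slot */
        printf("part %d: %s type 0x%02x start %u sectors %u (%.1f MiB)\n", i,
               m.part[i].bootable == 0x80 ? "active  " : "inactive",
               m.part[i].type, m.part[i].lba_start, m.part[i].sector_count,
               m.part[i].sector_count * 512.0 / (1024 * 1024));
    }
    return 0;
}
```

To run it on a real drive, read the first 512 bytes of the block device (for example with dd) into the buffer instead of calling build_sample_mbr. A missing 0x55AA signature or a single type 0xEE entry covering the disk are the two things to check first: the former suggests a wiped or damaged sector, the latter a GPT disk whose real partition table lives in later sectors.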
Malware Malware analysis interview questions with detailed answers (Part 3) Here are a few more important questions with detailed answers for a malware analysis interview. Topics covered in this part are dynamic analysis, static analysis and debugging. By Shubham Dubey 18 Sep 2018
Exploit Development Exploiting a buffer overflow in a Windows application through a TextBox using only an alphanumeric payload Let's look at how to exploit an SEH-based buffer overflow in a Windows GUI application whose input field restricts what it accepts to alphanumeric characters. By Shubham Dubey 7 Sep 2018
Malware Malware analysis interview questions with detailed answers (Part 2) Here are a few more important questions with detailed answers for a malware analysis interview. Topics covered in this part are OS concepts, programming, assembly language and dynamic analysis. By Shubham Dubey 6 Aug 2018
Malware Malware analysis interview questions with detailed answers (Part 1) Here is a series of important questions with detailed answers for malware analysis interviews. These questions can be helpful for both candidates and interviewers. By Shubham Dubey 3 Aug 2018
Malware Deep dive into the Tofsee spambot (Win32:Tofsee-J) malware dropper, part 2 In this part we do the static analysis of the Tofsee dropper. Tofsee is a spambot family used to send spam and perform click fraud through various SMTP mail servers. By Shubham Dubey 5 Jul 2018
Malware Deep dive into the Tofsee spambot (Win32:Tofsee-J) malware dropper, part 1 Tofsee is a spambot family used to send spam and perform click fraud through various SMTP mail servers. In this part we do the dynamic analysis of the Tofsee dropper. By Shubham Dubey 3 Jul 2018
Rootkits Understanding Windows DKOM (Direct Kernel Object Manipulation) techniques (Part 1: EPROCESS) Windows uses different kernel object structures for different purposes, such as I/O management and process management. These structures can be tampered with directly from kernel mode, and in this series we discuss the attacks that do so. By Shubham Dubey 13 Jun 2018
Exploit Development Exploiting an off-by-one buffer overflow vulnerability An off-by-one vulnerability is a little harder to find and so can survive in large software. It usually arises from forgetting that strcpy copies the terminating null byte along with the string, so a source whose length equals the buffer size writes one byte past the end of the buffer. By Shubham Dubey 29 Jan 2018
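As an added example (not code from the post above), the C program below puts the mistaken length check beside the correct one and computes exactly how many bytes strcpy would write past a buffer, so the single-byte overflow is visible without actually corrupting memory. The function names (buggy_fits, safe_fits, overflow_bytes, copy_checked) and the 8-byte name buffer are this example's own.

```c
/* Added example: the strcpy off-by-one as a bounds predicate, its fix, and a
 * copy routine that refuses to overflow. Names are this example's own. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_LEN 8

/* Buggy check: accepts strlen(s) == buflen, but strcpy writes strlen(s) + 1
 * bytes, so the null terminator lands one byte past the end of the buffer. */
static int buggy_fits(size_t buflen, const char *s)
{
    return strlen(s) <= buflen;
}

/* Correct check: the buffer must hold the characters AND the terminator. */
static int safe_fits(size_t buflen, const char *s)
{
    return strlen(s) < buflen;          /* same as strlen(s) + 1 <= buflen */
}

/* Bytes strcpy(dst, s) would write beyond dst[buflen]; 0 when it fits.
 * For the off-by-one case this is exactly 1: the NUL byte. */
static size_t overflow_bytes(size_t buflen, const char *s)
{
    size_t needed = strlen(s) + 1;
    return needed > buflen ? needed - buflen : 0;
}

/* Copy s into dst[buflen] only if it fits including the terminator.
 * Returns bytes written (including the NUL), or 0 if the copy was refused. */
static size_t copy_checked(char *dst, size_t buflen, const char *s)
{
    size_t n = strlen(s);
    if (n >= buflen) return 0;
    memcpy(dst, s, n + 1);
    return n + 1;
}

int main(void)
{
    char name[NAME_LEN];
    const char *in = "ABCDEFGH";   /* exactly NAME_LEN chars: no room for the NUL */

    printf("buggy check says it fits: %d, correct check says it fits: %d\n",
           buggy_fits(NAME_LEN, in), safe_fits(NAME_LEN, in));
    printf("strcpy would write %zu byte(s) past the buffer\n",
           overflow_bytes(NAME_LEN, in));
    if (copy_checked(name, sizeof name, in) == 0)
        puts("copy refused: it would overflow by one byte");
    return 0;
}
```

That one stray zero byte is what makes the bug exploitable on the stack: when the buffer sits directly below the saved frame pointer, the NUL clears its low byte, and the caller then restores a frame pointer that points into attacker-controlled data.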