Virtualization / a month ago Developing hypervisor from scratch: Part 2 - VMXON Operation In this article series you are going to learn how to develop your own hypervisor for virtualization in linux ecosystem. In this part we will execute VMXON operation.
Virtualization / a month ago Developing hypervisor from scratch: Part 1 - Intro and Setup In this article series you are going to learn how to develop your own hypervisor for virtualization in linux ecosystem. Also this series will help to learn low level virtualization.
Firmware / 2 months ago Getting processor information using cpuid instruction and inline assembly cpuid is a processor specific instruction used to get processor's information and features. In this post we are going to learn how to extract those information using inline assembly in c.
Reverse engineering / 10 months ago What's at 1st sector/MBR of hard disk(MBR Forensics) MBR have lots of details about the hard disk or other storage disk which can be used for forensics purposes. In this article we will analyze the MBR's 512 bytes of data and try to interpret it.
Firmware / a year ago Analyse default BIOS protection of your system against LoJax: UEFI rootkit LoJax is first rootkit in the wild that try to write a UEFI module into system's SPI Flash Memory. You can analyse your system's default BIOS/UEFI protection against such malware which we will discuss in this article.
Malware / a year ago Malware analyst interview questions with detailed answers (Part 3) Here are few more important questions with detailed answers for malware analyst interview. Topic covers in this part is Dynamic analysis, static analysis and debugging.
Exploit Development / a year ago Exploiting buffer overflow in Windows application through TextBox using only Alphanumeric payload Lets look at how to exploit seh based buffer overflow in WIndows GUI application that have input restrictions of supporting only ascii characters as input.
Malware / a year ago Malware analyst interview questions with detailed answers (Part 2) Here are few more important questions with detailed answers for malware analyst interview. Topic covers in this part is OS concepts, Programming, Assembly language and Dynamic analysis.
Malware / a year ago Malware analyst interview questions with detailed answers (Part 1) Here are few important questions with detailed answers for malware analyst interview. These question can be helpful for both candidates as well as interviews.
Malware / a year ago Deep dive into Tofsee spambot(Win32:Tofsee-J) malware dropper-2 In this part we will do the static analysis of dropper of tofsee .Tofsee is a spambot categorie of malware used to send spam messages, click fraud to different smtp mail server.
Malware / a year ago Deep dive into Tofsee spambot(Win32:Tofsee-J) malware dropper-1 Tofsee is a spambot categorie of malware used to send spam messages, click fraud to different smtp mail server. In this part we will do the dynamic analysis of dropper of tofsee.
Rootkits / a year ago Understanding Windows DKOM(Direct Kernel Object Manipulation) techniques(Part 1-EPROCESS) Windows uses different Objects structures for different purposes like io-management, process management etc. These structures are vulnerable to different attacks which we will going to discuss in this series.
Security / a year ago Let's discuss about vpn's and tor security Last week I was looking at Tor network security. I have learnt quite a new things that I didn't knew about earlier. So, I decide to summarize it and put it in a article.
Virtualization / 2 years ago Creating ARM architecture environment inside x86/x64 linux If you want your hands on arm architecture assembly then you probably would be wondering how can I generate the *ARM* assembly or use ARM toolset in general inside my intel x86 or x64 architecture system. In this article we will explain you how you can do that by using qemu and chroot.
Exploit Development / 2 years ago Exploiting Off-by-One buffer overflow vulnerability Off-by-one vulnerability is little difficult to find and hence can be present in big softwares.It can cause due to not aware of fact if your string provided is not null terminating then strcpy will add a null terminator at the end of string,
Firmware / 2 years ago Replace your proprietary bios with linux firmware Intel system comes with UEFI, UEFI is a proprietary and closed-source operating system that can be exploited.NERF (Non-Extensible Reduced Firmware), an open source software system developed at Google can replace almost all of UEFI firmware with a tiny Linux kernel and initramfs.
