Exploit Development Nostalgic memory - An attempt to understand the evolution of memory corruption mitigations - Part 4 This article series is a technical dive into the evaluation of these memory corruption mitigations. This part focuses on the memory error detection tools introduced over the years. By Shubham Dubey 7 Jan 2024
Exploit Development Nostalgic memory - An attempt to understand the evolution of memory corruption mitigations - Part 3 This article series is a technical dive into the evaluation of these memory corruption mitigations. This part focuses on second-generation mitigations, mostly introduced after 2010. By Shubham Dubey 7 Jan 2024
Exploit Development Nostalgic memory - An attempt to understand the evolution of memory corruption mitigations - Part 2 This article series is a technical dive into the evaluation of these memory corruption mitigations. This part focuses on first-generation mitigations, mostly introduced before 2010. By Shubham Dubey 7 Jan 2024
Exploit Development Nostalgic memory - An attempt to understand the evolution of memory corruption mitigations - Part 1 Arbitrary code execution due to memory corruption has been around for years and is still a major threat. Over the years, new protective measures have been introduced periodically to mitigate these attacks. This article series is a technical dive into the evaluation of these memory corruption mitigations. By Shubham Dubey 7 Jan 2024
MacOS Security Uncovering the security protections in MAC - XProtect and MRT In the second part of the series I will discuss how XProtect and MRT work and their limitations in both setups. This will give you an idea of how robust the default macOS malware detection solution is. By Shubham Dubey 22 Feb 2022
MacOS Security Uncovering the security protections in MacOS - Gatekeeper In this series, I will be uncovering the internals of macOS security protections. In this part I will focus on Gatekeeper. By Shubham Dubey 22 Feb 2022
Firmware Firmware security 1: Playing with PCI device memory In this part of the series we will go through the basics of PCI devices and their memory. We will develop a Linux kernel driver and use chipsec to analyze the data in practice. By Shubham Dubey 14 Nov 2020
Intel architecture Segmentation in Intel x64(IA-32e) architecture - explained using Linux In this article we will go through the basics of segmentation and cover it for x64 (IA-32e) processors by extracting the details from a Linux system. By Shubham Dubey 21 Feb 2020
Reverse engineering What's at 1st sector/MBR of hard disk(MBR Forensics) The MBR holds many details about the hard disk or other storage disk that can be used for forensic purposes. In this article we will analyze the MBR's 512 bytes of data and try to interpret them. By Shubham Dubey 22 Nov 2018
Firmware Analyse default BIOS protection of your system against LoJax: UEFI rootkit LoJax is the first rootkit in the wild that tries to write a UEFI module into the system's SPI flash memory. You can analyse your system's default BIOS/UEFI protection against such malware, which we will discuss in this article. By Shubham Dubey 28 Sep 2018
Malware Deep dive into Tofsee spambot(Win32:Tofsee-J) malware dropper-2 In this part we will do the static analysis of the Tofsee dropper. Tofsee is a spambot category of malware used to send spam messages and perform click fraud through different SMTP mail servers. By Shubham Dubey 5 Jul 2018
Malware Deep dive into Tofsee spambot(Win32:Tofsee-J) malware dropper-1 Tofsee is a spambot category of malware used to send spam messages and perform click fraud through different SMTP mail servers. In this part we will do the dynamic analysis of the Tofsee dropper. By Shubham Dubey 3 Jul 2018
Rootkits Understanding Windows DKOM(Direct Kernel Object Manipulation) techniques(Part 1-EPROCESS) Windows uses different object structures for different purposes, such as I/O management and process management. These structures are vulnerable to different attacks, which we will discuss in this series. By Shubham Dubey 13 Jun 2018
Security Finding and removing malware from windows in minimal steps using sysinternals suite Did your system ever get infected with malware? Did you know you can manually remove common malware with very little technical knowledge? In this article I will explain how to find malware using the Sysinternals suite. By Shubham Dubey 31 Dec 2017
Tutorial Finding file information using different methods Information about file contents can be found using different methods on both Windows and Linux systems. This knowledge can be handy if you are developing a program or script that deals with files. By Shubham Dubey 27 Dec 2017