Rootkits 24 September 2021 Hooking or Monitoring System calls in linux using ftrace In this post we will see how you can use ftrace to hook Linux system calls. For learning purposes, we will create a kernel module that makes any target file immutable in the system.
Featured Firmware 14 November 2020 Firmware security 1: Playing with PCI device memory In this part of the series we will go through the basics of PCI devices and their memory. We will be developing a Linux kernel driver and using chipsec to analyze the data in practice.
Exploit Development 20 October 2020 Impact of x64 calling convention in format string exploitation In this post I will try to give you a brief overview of how format string exploitation differs on 64-bit architectures due to the different calling convention used there.
Featured Intel architecture 21 February 2020 Segmentation in Intel x64(IA-32e) architecture - explained using Linux In this article we will go through the basics of segmentation and cover it for x64 (IA-32e) processors by extracting the details from inside a Linux system.
Virtualization 12 November 2019 Developing hypervisor from scratch: Part 4 - Setting up HOST and GUEST State In this article series you are going to learn how to develop your own hypervisor for virtualization in the Linux ecosystem. In this part we will set up the HOST and GUEST state areas and finally execute vmlaunch.
Virtualization 30 September 2019 Developing hypervisor from scratch: Part 3 - Setting up VMCS In this article series you are going to learn how to develop your own hypervisor for virtualization in the Linux ecosystem. In this part we will set up the VMCS structure.
Virtualization 9 August 2019 Developing hypervisor from scratch: Part 2 - VMXON Operation In this article series you are going to learn how to develop your own hypervisor for virtualization in the Linux ecosystem. In this part we will execute the VMXON operation.
Featured Virtualization 8 August 2019 Developing hypervisor from scratch: Part 1 - Intro and Setup In this article series you are going to learn how to develop your own hypervisor for virtualization in the Linux ecosystem. This series will also help you learn low-level virtualization.
Firmware 19 July 2019 Getting processor information using cpuid instruction and inline assembly cpuid is a processor-specific instruction used to get a processor's information and features. In this post we are going to learn how to extract that information using inline assembly in C.
Malware 18 September 2018 Malware analysis interview questions with detailed answers (Part 3) Here are a few more important questions with detailed answers for a malware analysis interview. The topics covered in this part are dynamic analysis, static analysis and debugging.
Security 10 February 2018 Creating encrypted partition in linux The risk of systems being physically compromised, particularly portable systems such as laptops, puts sensitive data at risk. Encrypting the data mitigates the risk of exposure if the system is lost.
Virtualization 9 February 2018 Creating ARM architecture environment inside x86/x64 linux If you want to get your hands on ARM assembly, you are probably wondering how to generate ARM assembly, or use the ARM toolset in general, inside an Intel x86 or x64 system. In this article we explain how you can do that using qemu and chroot.
Security 3 February 2018 Reduce Security Risks with SELinux Discover SELinux, a security module that provides additional access control mechanisms. It supports mandatory access control (MAC) and is an integral part of RHEL's security policy.
Featured Exploit Development 29 January 2018 Exploiting Off-by-One buffer overflow vulnerability Off-by-one vulnerabilities are a little difficult to find and hence can be present in large software. They can be caused by not being aware of the fact that if the string you provide is not null-terminated, strcpy will add a null terminator at the end of the string,
Firmware 5 January 2018 Replace your proprietary bios with linux firmware Intel systems come with UEFI; UEFI is a proprietary and closed-source operating system that can be exploited. NERF (Non-Extensible Reduced Firmware), an open-source software system developed at Google, can replace almost all of the UEFI firmware with a tiny Linux kernel and initramfs.