Linux Summary of linux kernel security protections and associated attacks Linux kernel goes through rapid changes frequently. Unlike other platforms, Linux security features are not advertised enough and are limited to mail threads. Since Linux is getting more popular, it's important to be aware about protections it provides against sophisticated attacks targeting kernel. By Shubham Dubey 1 Jan 2023
Rootkits Hooking or Monitoring System calls in linux using ftrace In this post we will see how can you use ftrace to hook linux system calls. For learning purpose, we will create a kernel module that will make any target file immutable in system. By Shubham Dubey 24 Sep 2021
Firmware Firmware security 1: Playing with PCI device memory In this part of the series we will go through the basic of PCI devices and their memory. We will be developing linux kernel driver and using chipsec to analyze the data practically. By Shubham Dubey 14 Nov 2020
Exploit Development Impact of x64 calling convention in format string exploitation In this post I will try to give you a brief on how format string exploitation can differ in 64 bit architecture due to different calling convention in 64 bit. By Shubham Dubey 20 Oct 2020
Intel architecture Segmentation in Intel x64(IA-32e) architecture - explained using Linux In this article we will go through Segmentation in basic and cover it for x64 (IA-32e) processors by extracting the details inside a Linux system. By Shubham Dubey 21 Feb 2020
Virtualization Developing hypervisor from scratch: Part 4 - Setting up HOST and GUEST State In this article series you are going to learn how to develop your own hypervisor for virtualization in linux ecosystem. In this part we will do the setup of HOST and GUEST state area and at last the vmlaunch. By Shubham Dubey 12 Nov 2019
Virtualization Developing hypervisor from scratch: Part 3 - Setting up VMCS In this article series you are going to learn how to develop your own hypervisor for virtualization in linux ecosystem. In this part we will do the setup of VMCS structure. By Shubham Dubey 30 Sep 2019
Virtualization Developing hypervisor from scratch: Part 2 - VMXON Operation In this article series you are going to learn how to develop your own hypervisor for virtualization in linux ecosystem. In this part we will execute VMXON operation. By Shubham Dubey 9 Aug 2019
Virtualization Developing hypervisor from scratch: Part 1 - Intro and Setup In this article series you are going to learn how to develop your own hypervisor for virtualization in linux ecosystem. Also this series will help to learn low level virtualization. By Shubham Dubey 8 Aug 2019
Firmware Getting processor information using cpuid instruction and inline assembly cpuid is a processor specific instruction used to get processor's information and features. In this post we are going to learn how to extract those information using inline assembly in c. By Shubham Dubey 19 Jul 2019
Malware Malware analysis interview questions with detailed answers (Part 3) Here are few more important questions with detailed answers for malware analysis interview. Topic covers in this part is Dynamic analysis, static analysis and debugging. By Shubham Dubey 18 Sep 2018
Security Creating encrypted partition in linux The risk of systems getting physically compromise, particularly portable systems such as laptops, puts sensitive data at risk of compromise. Encrypting its data mitigates the risk of getting exposure if system is lost. By Kshitij Upadhyay 10 Feb 2018
Virtualization Creating ARM architecture environment inside x86/x64 linux If you want your hands on arm architecture assembly then you probably would be wondering how can I generate the *ARM* assembly or use ARM toolset in general inside my intel x86 or x64 architecture system. In this article we will explain you how you can do that by using qemu and chroot. By Shubham Dubey 9 Feb 2018
Security Reduce Security Risks with SELinux Discover SELinux, a security module that provides extra protocols to ensure access control security. It supports mandatory access controls (MAC) and is an integral part of RHEL’s security policy. By Kshitij Upadhyay 3 Feb 2018
Exploit Development Exploiting Off-by-One buffer overflow vulnerability Off-by-one vulnerability is little difficult to find and hence can be present in big softwares.It can cause due to not aware of fact if your string provided is not null terminating then strcpy will add a null terminator at the end of string, By Shubham Dubey 29 Jan 2018