Linux

---

Rootkits 24 September 2021

Hooking or Monitoring System calls in linux using ftrace

In this post we will see how can you use ftrace to hook linux system calls. For learning purpose, we will create a kernel module that will make any target file immutable in system.

---

Featured

Firmware 14 November 2020

Firmware security 1: Playing with PCI device memory

In this part of the series we will go through the basic of PCI devices and their memory. We will be developing linux kernel driver and using chipsec to analyze the data practically.

---

Exploit Development 20 October 2020

Impact of x64 calling convention in format string exploitation

In this post I will try to give you a brief on how format string exploitation can differ in 64 bit architecture due to different calling convention in 64 bit.

---

Featured

Intel architecture 21 February 2020

Segmentation in Intel x64(IA-32e) architecture - explained using Linux

In this article we will go through Segmentation in basic and cover it for x64 (IA-32e) processors by extracting the details inside a Linux system.

---

Virtualization 12 November 2019

Developing hypervisor from scratch: Part 4 - Setting up HOST and GUEST State

In this article series you are going to learn how to develop your own hypervisor for virtualization in linux ecosystem. In this part we will do the setup of HOST and GUEST state area and at last the vmlaunch.

---

Virtualization 30 September 2019

Developing hypervisor from scratch: Part 3 - Setting up VMCS

In this article series you are going to learn how to develop your own hypervisor for virtualization in linux ecosystem. In this part we will do the setup of VMCS structure.

---

Virtualization 9 August 2019

Developing hypervisor from scratch: Part 2 - VMXON Operation

In this article series you are going to learn how to develop your own hypervisor for virtualization in linux ecosystem. In this part we will execute VMXON operation.

---

Featured

Virtualization 8 August 2019

Developing hypervisor from scratch: Part 1 - Intro and Setup

In this article series you are going to learn how to develop your own hypervisor for virtualization in linux ecosystem. Also this series will help to learn low level virtualization.

---

Firmware 19 July 2019

Getting processor information using cpuid instruction and inline assembly

cpuid is a processor specific instruction used to get processor's information and features. In this post we are going to learn how to extract those information using inline assembly in c.

---

Malware 18 September 2018

Malware analysis interview questions with detailed answers (Part 3)

Here are few more important questions with detailed answers for malware analysis interview. Topic covers in this part is Dynamic analysis, static analysis and debugging.

---

Security 10 February 2018

Creating encrypted partition in linux

The risk of systems getting physically compromise, particularly portable systems such as laptops, puts sensitive data at risk of compromise. Encrypting its data mitigates the risk of getting exposure if system is lost.

---

Virtualization 9 February 2018

Creating ARM architecture environment inside x86/x64 linux

If you want your hands on arm architecture assembly then you probably would be wondering how can I generate the *ARM* assembly or use ARM toolset in general inside my intel x86 or x64 architecture system. In this article we will explain you how you can do that by using qemu and chroot.

---

Security 3 February 2018

Reduce Security Risks with SELinux

Discover SELinux, a security module that provides extra protocols to ensure access control security. It supports mandatory access controls (MAC) and is an integral part of RHEL’s security policy.

---

Featured

Exploit Development 29 January 2018

Exploiting Off-by-One buffer overflow vulnerability

Off-by-one vulnerability is little difficult to find and hence can be present in big softwares.It can cause due to not aware of fact if your string provided is not null terminating then strcpy will add a null terminator at the end of string,

---

Firmware 5 January 2018

Replace your proprietary bios with linux firmware

Intel system comes with UEFI, UEFI is a proprietary and closed-source operating system that can be exploited.NERF (Non-Extensible Reduced Firmware), an open source software system developed at Google can replace almost all of UEFI firmware with a tiny Linux kernel and initramfs.