What's at 1st sector/MBR of hard disk(MBR Forensics)
MBR have lots of details about the hard disk or other storage disk which can be used for forensics purposes. In this article we will analyze the MBR's 512 bytes of data and try to interpret it.
Security
Explaining how to secure your linux system or improving your online privacy.
Malware analyst interview questions with detailed answers (Part 3)
Here are few more important questions with detailed answers for malware analyst interview. Topic covers in this part is Dynamic analysis, static analysis and debugging.
Exploiting buffer overflow in Windows application through TextBox using only Alphanumeric payload
Lets look at how to exploit seh based buffer overflow in WIndows GUI application that have input restrictions of supporting only ascii characters as input.
Malware analyst interview questions with detailed answers (Part 2)
Here are few more important questions with detailed answers for malware analyst interview. Topic covers in this part is OS concepts, Programming, Assembly language and Dynamic analysis.
Malware analyst interview questions with detailed answers (Part 1)
Here are few important questions with detailed answers for malware analyst interview. These question can be helpful for both candidates as well as interviews.
Deep dive into Tofsee spambot(Win32:Tofsee-J) malware dropper-2
In this part we will do the static analysis of dropper of tofsee .Tofsee is a spambot categorie of malware used to send spam messages, click fraud to different smtp mail server.
Deep dive into Tofsee spambot(Win32:Tofsee-J) malware dropper-1
Tofsee is a spambot categorie of malware used to send spam messages, click fraud to different smtp mail server. In this part we will do the dynamic analysis of dropper of tofsee.
Understanding Windows DKOM(Direct Kernel Object Manipulation) techniques(Part 1-EPROCESS)
Windows uses different Objects structures for different purposes like io-management, process management etc. These structures are vulnerable to different attacks which we will going to discuss in this series.
Let's discuss about vpn's and tor security
Last week I was looking at Tor network security. I have learnt quite a new things that I didn't knew about earlier. So, I decide to summarize it and put it in a article.
Creating encrypted partition in linux
The risk of systems getting physically compromise, particularly portable systems such as laptops, puts sensitive data at risk of compromise. Encrypting its data mitigates the risk of getting exposure if system is lost.
Reduce Security Risks with SELinux
Discover SELinux, a security module that provides extra protocols to ensure access control security. It supports mandatory access controls (MAC) and is an integral part of RHEL’s security policy.
Exploiting Off-by-One buffer overflow vulnerability
Off-by-one vulnerability is little difficult to find and hence can be present in big softwares.It can cause due to not aware of fact if your string provided is not null terminating then strcpy will add a null terminator at the end of string,
Replace your proprietary bios with linux firmware
Intel system comes with UEFI, UEFI is a proprietary and closed-source operating system that can be exploited.NERF (Non-Extensible Reduced Firmware), an open source software system developed at Google can replace almost all of UEFI firmware with a tiny Linux kernel and initramfs.
Finding and removing malware from windows in minimal steps using sysinternals suite
Did your system ever get affected with malwares? Did you know you can manually remove common malwares with very little technical knowledge. In this article I will explain you how to find malware using sysinternals suite.