-
Recent Posts
- Solving the Shabak’s Airplane challenge – Task 3
- Solving the Shabak’s Airplane challenge – Tasks 1 and 2
- Starting with Windows Kernel Exploitation – part 3 – stealing the Access Token
- Starting with Windows Kernel Exploitation – part 2 – getting familiar with HackSys Extreme Vulnerable Driver
- Starting with Windows Kernel Exploitation – part 1 – setting up the lab
Archives
- June 2017 (4)
- May 2017 (2)
- December 2016 (1)
- November 2016 (1)
- July 2016 (3)
- June 2016 (1)
- April 2016 (1)
- March 2016 (2)
- February 2016 (1)
- October 2014 (1)
- March 2014 (1)
- February 2014 (2)
- January 2014 (1)
- November 2013 (1)
- October 2013 (1)
- September 2013 (1)
- August 2013 (1)
- July 2013 (3)
- July 2012 (1)
- May 2012 (1)
- April 2012 (1)
Categories
- CONfidence (3)
- CrackMe (7)
- Malware (11)
- Malware Decryptor (5)
- PE-bear (10)
- Tools (6)
- Tutorial (8)
- Uncategorized (1)
- WKE (3)
Blog Stats
- 134,414 hits
All my works included here are licensed under:
Monthly Archives: March 2016
Petya key decoder
source code (Red Petya recovery) NEWS [05 July 2017] The author of the original Petya malware released his master key. Read more details here: https://blog.malwarebytes.com/cybercrime/2017/07/the-key-to-the-old-petya-has-been-published-by-the-malware-author/. WARNING: the key works only for the original Petya, not for the Petya-based malware known … Continue reading
Posted in Malware, Malware Decryptor, Tools
19 Comments
Introduction to ADS – Alternate Data Streams
Sometimes during automated malware analysis in a sandbox (i.e. Cuckoo), we can get in the report the following information: “creating alternate data streams”. It is related with an interesting feature of NTFS file system, that can be used for hidden … Continue reading
Posted in Malware, Uncategorized
Leave a comment
