Polska edycja
-
Recent Posts
Archives
- May 2017 (2)
- December 2016 (1)
- November 2016 (1)
- July 2016 (3)
- June 2016 (1)
- April 2016 (1)
- March 2016 (2)
- February 2016 (1)
- October 2014 (1)
- March 2014 (1)
- February 2014 (2)
- January 2014 (1)
- November 2013 (1)
- October 2013 (1)
- September 2013 (1)
- August 2013 (1)
- July 2013 (3)
- July 2012 (1)
- May 2012 (1)
- April 2012 (1)
Categories
Blogroll
Links
- AaLl86 Security Blog
- Algorithm Tutorials (TopCoder)
- Analyzing Unknown Malware [by R136a1]
- Applied mathematics (UW) [PL]
- APU Cyber Security & Forensics Club
- Binary Auditing Training
- C++ Tutorials
- Crackmes.de
- Design Patterns – video tutorials
- Design Patterns in stories
- EXEinfo – a good alternative for PEiD
- Insanely Low-Level
- Intel Pentium Instruction Set Reference
- ISIS lab
- Lectures from IT studies – PJWSTK [PL]
- Malware Archive
- MIMUW Wazniak [PL]
- MIT OpenCourseWare
- NetSecNow – videotutorials
- OpenRCE
- OS Dev Wiki
- Peter Ferrie [RCE]
- Quick Unpack
- RegEx Tutorial
- ReverseEngineering on reddit
- Sandsprite tools
- SecurityTube
- VideoTutorials by Derek Banas (programming/design)
- ViriList
- Woodman RCE Community
- Zynamics
Blog Stats
- 102,262 hits
All my works included here are licensed under:
Category Archives: Tutorial
Starting with Windows Kernel Exploitation – part 1 – setting up the lab
Recently I started learning Windows Kernel Exploitation, so I decided to share some of my notes in form of a blog. This part will be about setting up the lab. In further parts I am planning to describe how to … Continue reading
Posted in Tutorial
Leave a comment
Hijacking extensions handlers as a malware persistence method
Recently I gave a presentation titled “Wicked malware persistence methods” (read more here). After releasing the slides I got questions about some of the demonstrated methods – especially about the details of extension handler hijacking – so, I decided to … Continue reading
Posted in Malware, Tutorial
2 Comments
Introducing PE_unmapper
Recently I wrote a small tool, that can be used as a helper in malware analysis. Various malware types unpack their core modules in memory, load them and run. In order to unpack them fast, we can let the malware … Continue reading
How to turn a DLL into a standalone EXE
During malware analysis we can often encounter payloads in form of DLLs. Analyzing them dynamically may not be very handy, because they need some external loaders to run. Different researchers have different tricks to deal with them. In this post … Continue reading
Posted in Malware, Tutorial
5 Comments
Unpacking NSIS-based Crypter – part 2
After publishing my short tutorial about unpacking NSIS-based crypter I got one more sample from a reader who complained that my method doesn’t work – so I decided to take a look inside. Of course cybercriminals continuously work on improving … Continue reading
Posted in Malware, Tutorial
2 Comments
Unpacking NSIS-based Crypter – step by step
Nowadays we can encounter many malware samples packed by a crypter using installer scripts. We can distinguish them by a NSIS tag on Virus Total: Often, (but not always) they come with a standard NSIS icon: In this tutorial, I … Continue reading
Posted in Malware, Tutorial
8 Comments
