-
Recent Posts
Archives
- March 2023 (1)
- November 2022 (1)
- October 2022 (2)
- February 2022 (1)
- January 2022 (1)
- October 2021 (3)
- January 2021 (1)
- December 2020 (1)
- September 2019 (1)
- June 2019 (1)
- January 2019 (1)
- July 2018 (1)
- April 2018 (1)
- February 2018 (1)
- January 2018 (2)
- December 2017 (2)
- November 2017 (1)
- June 2017 (4)
- May 2017 (2)
- December 2016 (1)
- November 2016 (1)
- July 2016 (3)
- June 2016 (1)
- April 2016 (1)
- March 2016 (2)
- February 2016 (1)
- October 2014 (1)
- March 2014 (1)
- February 2014 (2)
- January 2014 (1)
- November 2013 (1)
- October 2013 (1)
- September 2013 (1)
- August 2013 (1)
- July 2013 (3)
- July 2012 (1)
- May 2012 (1)
- April 2012 (1)
Categories
- CONfidence (3)
- CrackMe (18)
- KernelMode (4)
- Malware (14)
- Malware Decryptor (5)
- PE-bear (12)
- Programming (5)
- Techniques (4)
- Tools (9)
- Tutorial (15)
- Uncategorized (3)
- WKE (3)
Blog Stats
- 1,310,865 hits
All my works included here are licensed under:
Category Archives: Uncategorized
Flare-On 8 – Task 6
Flare-On is an annual “reverse engineering marathon” organized by Mandiant (formerly by FireEye). You can see more information here. It is a Capture-The-Flag type of a contest, where you are given a set of crackmes with growing difficulity. This year … Continue reading
Flare-On 8 – Task 9
Flare-On is an annual “reverse engineering marathon” organized by Mandiant (formerly by FireEye). You can see more information here. It is a Capture-The-Flag type of a contest, where you are given a set of crackmes with growing difficulity. This year … Continue reading
Application shimming vs Import Table recovery
In this post I am sharing a case that I investigated recently, during the tests of my application, PE-sieve. It demonstrates how the shims applied by the operating system can disrupt Imports recovery. Continue reading
Posted in Programming, Uncategorized
Tagged Import, Import Table, Import Table rebuilding, Import Table recovery, PE, PE-sieve, shim
1 Comment
hasherezade's 1001 nights 