#reversing
Decompilation Debugging: Pretending All Binaries Come With Source Code
https://clearbluejar.github.io/posts/decompilation-debugging-pretending-all-binaries-come-with-source-code
Decompilation Debugging: Pretending All Binaries Come With Source Code
https://clearbluejar.github.io/posts/decompilation-debugging-pretending-all-binaries-come-with-source-code
clearbluejar
Decompilation Debugging
Debugging an application can provide the insight needed troubleshoot a subtle bug in your software. Normally, when debugging, you have source code and data type information (aka symbols) to help navigate your application. In the world of Reverse Engineering…
Debugging and Reversing ALPC
https://csandker.io/2022/05/29/Debugging-And-Reversing-ALPC.html
#windows_internals , #reversing , #debugging , #ALPC
https://csandker.io/2022/05/29/Debugging-And-Reversing-ALPC.html
#windows_internals , #reversing , #debugging , #ALPC
Forwarded from Some Security Notes
#malware #reversing
Показано как с помощью параметра SectionAlignment создать исполняемый файл с пустым PE-заголовком.
https://secret.club/2023/06/05/spoof-pe-sections.html
Показано как с помощью параметра SectionAlignment создать исполняемый файл с пустым PE-заголовком.
https://secret.club/2023/06/05/spoof-pe-sections.html
secret club
Abusing undocumented features to spoof PE section headers
Introduction Some time ago, I accidentally came across some interesting behaviour in PE files while debugging an unrelated project. I noticed that setting the SectionAlignment value in the NT header to a value lower than the page size (4096) resulted in significant…
ER_01.pdf
4.1 MB
#reversing
"Exploiting Reversing (ER) series: Article 01", rev.A, April 2023.
]-> ER: article 02 (2024, .pdf):
https://exploitreversing.files.wordpress.com/2024/01/exploit_reversing_02.pdf
"Exploiting Reversing (ER) series: Article 01", rev.A, April 2023.
]-> ER: article 02 (2024, .pdf):
https://exploitreversing.files.wordpress.com/2024/01/exploit_reversing_02.pdf
Forwarded from CyberSecurityTechnologies (-CST-)
#reversing
Reversing Windows Container
Part 1 - Silo:
https://blog.quarkslab.com/reversing-windows-container-episode-i-silo.html
Part 2 - Silo to Server Silo:
https://blog.quarkslab.com/reversing-windows-container-part-ii-silo-to-server-silo.html
Reversing Windows Container
Part 1 - Silo:
https://blog.quarkslab.com/reversing-windows-container-episode-i-silo.html
Part 2 - Silo to Server Silo:
https://blog.quarkslab.com/reversing-windows-container-part-ii-silo-to-server-silo.html
🔥3👍1
Forwarded from CyberSecurityTechnologies (-CST-)
#reversing
Windows Inter Process Communication:
A Deep Dive Beyond the Surface
Part 1 - IPC Roadmap
Part 2 - RPC Architecture Overview
Part 3 - Handles and binding
Part 4 - RPC Security
Windows Inter Process Communication:
A Deep Dive Beyond the Surface
Part 1 - IPC Roadmap
Part 2 - RPC Architecture Overview
Part 3 - Handles and binding
Part 4 - RPC Security
🔥9❤3👍2👏2