Articles

Discussion on reverse-engineering and debugging.
raxen
Posts: 2
Joined: Wed Dec 14, 2011 1:37 pm

Re: Articles

Post by raxen » Thu Aug 08, 2013 11:21 am

Igor's site has a lot of great items....


0xFFFF
Posts: 7
Joined: Tue Jan 14, 2014 3:30 pm
Location: Minkowski Space

Re: Articles

Post by 0xFFFF » Tue Jan 14, 2014 4:04 pm

http://www.reconstructer.org/papers.html

Some papers about malware analysis.


AronPX
Posts: 9
Joined: Sun Apr 27, 2014 1:01 am

Re: Articles

Post by AronPX » Tue Apr 29, 2014 9:42 am

Windows UEFI startup – A technical overview
https://news.saferbytes.it/analisi/2013 ... -overview/

A Tale of One Software Bypass of Windows 8 Secure Boot
https://media.blackhat.com/us-13/us-13- ... Slides.pdf

DETECTING OSX AND WINDOWS BOOTKITS WITH RDFU
http://www.reversinglabs.com/sites/defa ... 202013.pdf

Using The Windows 8 Platform crypto Provider and associated TPM
http://tiw2013.cse.psu.edu/slides/Using ... 4.2013.pdf

rkhunter
Posts: 1152
Joined: Mon Mar 15, 2010 12:51 pm
Location: Russian Federation

Re: Articles

Post by rkhunter » Mon May 19, 2014 8:46 am

"All about the RPC, LRPC, ALPC, and LPC in your PC" @aionescu Syscan 2014

http://www.syscan.org/index.php/downloa ... yourPC.zip

R00tKit
Posts: 129
Joined: Tue Nov 16, 2010 8:23 pm

Re: Articles

Post by R00tKit » Tue Jun 24, 2014 10:53 am

@R00tkitSMM

Websly
Posts: 3
Joined: Sat Sep 21, 2013 1:08 pm

Re: Articles

Post by Websly » Fri Aug 08, 2014 7:31 am

Some bookmarks I find useful that haven't been posted yet.

Symantec anti-debug reference:
http://www.symantec.com/connect/article ... -reference

Windows Internals crash course:
http://trapframe.org/just-enough-kernel-to-get-by/
http://trapframe.org/just-enough-kernel-to-get-by-2/


Two more links that are not articles, but some of you might find them useful:

Asm instruction set reference:
http://faydoc.tripod.com/cpu/index_a.htm

File signature references:
http://www.garykessler.net/library/file_sigs.html

p4r4n0id
Posts: 126
Joined: Thu Sep 22, 2011 11:36 am
Location: Israel

Kaspersky hooking engine analysis

Post by p4r4n0id » Tue Oct 28, 2014 8:50 am

Keep Low. Move Fast. Kill First. Die Last. One Shot. One Kill. No Luck. Pure Skill.
http://p4r4n0id.com/

Snakebyte
Posts: 12
Joined: Tue Oct 07, 2014 9:33 am

Re: Articles

Post by Snakebyte » Sat May 16, 2015 7:36 pm

x86 Disassembly: Exploring the relationship between C, x86 Assembly, and Machine Code:
http://upload.wikimedia.org/wikipedia/c ... sembly.pdf
