A forum for reverse engineering, OS internals and malware analysis 

Search found 394 matches


Re: PPEE - Professional PE Explorer

 by Buster_BSA ¦  Sun May 14, 2017 1:31 am ¦  Forum: Tools/Software ¦  Topic: PPEE - Professional PE Explorer ¦  Replies: 11 ¦  Views: 34454

Thanks for contributing this tool!

Re: Looking for specific malware

 by Buster_BSA ¦  Thu May 19, 2016 2:26 pm ¦  Forum: Newbie Questions ¦  Topic: Looking for specific malware ¦  Replies: 4 ¦  Views: 11612

And two hard boiled eggs!

Re: File/Registry/Memory Analysis/Monitoring Tools

 by Buster_BSA ¦  Wed Oct 28, 2015 8:54 am ¦  Forum: Newbie Questions ¦  Topic: File/Registry/Memory Analysis/Monitoring Tools ¦  Replies: 2 ¦  Views: 5469

Try Volatility + ProcMon.

Re: Dumping a driver out of memory

 by Buster_BSA ¦  Mon May 11, 2015 9:27 pm ¦  Forum: Newbie Questions ¦  Topic: Dumping a driver out of memory ¦  Replies: 5 ¦  Views: 7331

Check if this is what you are looking for:

http://www.kernelmode.info/forum/viewto ... lit=Drvmon

Re: Sandboxie and x64

 by Buster_BSA ¦  Wed Apr 22, 2015 9:51 pm ¦  Forum: Newbie Questions ¦  Topic: Sandboxie and x64 ¦  Replies: 9 ¦  Views: 11218

Windows XP x64 was not supported by Sandboxie.

Re: Sandboxie and x64

 by Buster_BSA ¦  Wed Apr 22, 2015 7:48 pm ¦  Forum: Newbie Questions ¦  Topic: Sandboxie and x64 ¦  Replies: 9 ¦  Views: 11218

tzuk was using shadow SSDT hooks in earlier experimental builds, but with Windows 8 PatchGuard he was forced to switch to running the sandboxed process in untrusted IL with an anonymous user token. SBIEDLL is a virtualization compatibility layer which makes the sandbox transparent to the sandboxed appli...

Re: Process dumping tool

 by Buster_BSA ¦  Sun Apr 19, 2015 5:36 pm ¦  Forum: Tools/Software ¦  Topic: Process dumping tool ¦  Replies: 13 ¦  Views: 41962

Thank you very much for the update and the new features!

Re: Anti-malwares for Win98SE ?

 by Buster_BSA ¦  Wed Feb 25, 2015 5:03 pm ¦  Forum: Tools/Software ¦  Topic: Anti-malwares for Win98SE ? ¦  Replies: 9 ¦  Views: 12603

Re: Anti-malwares for Win98SE ?

 by Buster_BSA ¦  Wed Feb 25, 2015 2:03 pm ¦  Forum: Tools/Software ¦  Topic: Anti-malwares for Win98SE ? ¦  Replies: 9 ¦  Views: 12603

Best solution is an antivirus boot cd like "Kaspersky Rescue Disk".

Re: Open Source Mandingo's Sandbox

 by Buster_BSA ¦  Tue Feb 24, 2015 8:00 am ¦  Forum: Tools/Software ¦  Topic: Open Source Mandingo's Sandbox ¦  Replies: 7 ¦  Views: 12639

Hello. Yes, with the "sinjector.exe" client you can inject any DLL into a newly spawned process, or into a running one by its PID. Of course, you can use Linux or Windows for the host, but the instructions are not ready yet. If you understand how it works, I think you shouldn't have too many problems to set up the...
