A forum for reverse engineering, OS internals and malware analysis 

Search found 1105 matches

Re: Undocumented structures for W2k-Win10

 by rkhunter ¦  Fri Oct 20, 2017 7:30 pm ¦  Forum: Kernel-Mode Development ¦  Topic: Undocumented structures for W2k-Win10 ¦  Replies: 21 ¦  Views: 75198

Windows 10 Redstone 3 (1709) ntoskrnl (10.0.16299.15) pdb + extracted structures.

Re: Enhanced Mitigation Experience Toolkit (EMET)

 by rkhunter ¦  Tue Sep 05, 2017 1:25 pm ¦  Forum: Tools/Software ¦  Topic: Enhanced Mitigation Experience Toolkit (EMET) ¦  Replies: 12 ¦  Views: 47396

EMET on Windows 10 Insider aka PayloadRestrictions.dll and how it is loaded into a process

https://github.com/deroko/payloadrestrictions

Re: Articles

 by rkhunter ¦  Mon Aug 14, 2017 11:28 am ¦  Forum: Reverse Engineering and Debugging ¦  Topic: Articles ¦  Replies: 33 ¦  Views: 114029

Exploring Windows virtual memory management

http://www.triplefault.io/2017/08/explo ... emory.html

Re: Enhanced Mitigation Experience Toolkit (EMET)

 by rkhunter ¦  Thu Aug 10, 2017 10:51 am ¦  Forum: Tools/Software ¦  Topic: Enhanced Mitigation Experience Toolkit (EMET) ¦  Replies: 12 ¦  Views: 47396

Moving Beyond EMET II – Windows Defender Exploit Guard

https://blogs.technet.microsoft.com/srd ... oit-guard/

Re: Enhanced Mitigation Experience Toolkit (EMET)

 by rkhunter ¦  Wed Aug 09, 2017 2:49 pm ¦  Forum: Tools/Software ¦  Topic: Enhanced Mitigation Experience Toolkit (EMET) ¦  Replies: 12 ¦  Views: 47396

Windows 10 += EMET (Windows Defender Exploit Guard)

https://blogs.technet.microsoft.com/mmp ... rs-update/

Re: Win32/Industroyer

 by rkhunter ¦  Thu Jul 27, 2017 9:54 am ¦  Forum: Malware ¦  Topic: Win32/Industroyer ¦  Replies: 1 ¦  Views: 12184

Re: Undocumented structures for W2k-Win10

 by rkhunter ¦  Wed Jun 21, 2017 10:30 am ¦  Forum: Kernel-Mode Development ¦  Topic: Undocumented structures for W2k-Win10 ¦  Replies: 21 ¦  Views: 75198

Windows 10 Redstone 2 (1703) ntoskrnl (10.0.15063.413) pdb + extracted structures.

Win32/Industroyer

 by rkhunter ¦  Thu Jun 15, 2017 11:08 am ¦  Forum: Malware ¦  Topic: Win32/Industroyer ¦  Replies: 1 ¦  Views: 12184

Win32/Industroyer: a new threat for industrial control systems
https://www.welivesecurity.com/wp-conte ... troyer.pdf

Cyber firms warn of malware that could cause power outages
http://www.reuters.com/article/us-cyber ... SKBN1931EG

Samples in attachment.

Re: Undocumented structures for W2k-Win10

 by rkhunter ¦  Thu Mar 02, 2017 10:34 am ¦  Forum: Kernel-Mode Development ¦  Topic: Undocumented structures for W2k-Win10 ¦  Replies: 21 ¦  Views: 75198

Windows 10 Redstone 1 (1607) ntoskrnl (10.0.14393.693) pdb + extracted structures.
