A forum for reverse engineering, OS internals and malware analysis 

Ask your beginner questions here.
Forum Statistics Last post
Bypass check on SPDRP_FRIENDLYNAME
by Mauronz  - Tue Jan 10, 2017 3:40 pm
1 Replies 
 9108 Views
 by Grindan
 Sat Jan 28, 2017 12:18 pm
Custom Icon in malicious .hta file ?
by farkas  - Sat Jan 14, 2017 4:51 am
1 Replies 
 7108 Views
 by EP_X0FF
 Sat Jan 14, 2017 8:03 am
Rootkit.Alureon.E.VBR
by kurt2121  - Fri Dec 16, 2016 10:18 am
6 Replies 
 17791 Views
 by EP_X0FF
 Sun Jan 08, 2017 6:07 am
How to become reverse engineer?
by Cuidightheach  - Sat Dec 10, 2016 11:26 am
1 Replies 
 8434 Views
 by EP_X0FF
 Thu Dec 15, 2016 4:40 pm
Detect FILE_Flag_Delete_On_Close
by Carlbyte  - Wed Dec 07, 2016 6:02 pm
1 Replies 
 6552 Views
 by Carlbyte
 Sat Dec 10, 2016 11:25 am
Where to download IoT benign samples
by shahjee007  - Sat Dec 03, 2016 3:10 am
1 Replies 
 8492 Views
 by p1nk
 Sun Dec 04, 2016 12:50 am
20 Replies 
 31181 Views
 by h00key
 Sat Dec 03, 2016 12:32 pm
Irp_mj_set_information Delete File
by Carlbyte  - Thu Nov 17, 2016 4:46 pm
8 Replies 
 13503 Views
 by Vrtule
 Tue Nov 22, 2016 12:59 pm
The Cantor Dust tool
by nosecure  - Fri Nov 18, 2016 12:38 pm
1 Replies 
 6689 Views
 by Vrtule
 Fri Nov 18, 2016 2:11 pm
Detect It Easy entropy
by nosecure  - Thu Nov 17, 2016 3:58 pm
3 Replies 
 8252 Views
 by Vrtule
 Fri Nov 18, 2016 2:07 pm
List of actual Ransomware
by g00dv1n  - Wed Nov 02, 2016 4:58 pm
3 Replies 
 8636 Views
 by alezar
 Thu Nov 17, 2016 7:29 pm
How to PM someone in this forum
by tangptr  - Tue Nov 15, 2016 2:50 am
3 Replies 
 6697 Views
 by EP_X0FF
 Tue Nov 15, 2016 4:57 pm
Browser HTML injection Malware sample ?
by r00tMe  - Tue Nov 08, 2016 5:55 pm
0 Replies 
 5360 Views
 by r00tMe
 Tue Nov 08, 2016 5:55 pm
How did you get into malware analysis?
by kd77  - Thu Sep 29, 2016 9:34 am
2 Replies 
 15660 Views
 by kd77
 Thu Oct 06, 2016 3:03 pm
How cancel a IRP_MJ_CREATE
by Carlbyte  - Sun Oct 02, 2016 3:00 pm
7 Replies 
 9958 Views
 by Vrtule
 Mon Oct 03, 2016 7:30 pm
Incredibly stupid question about missing post
by FTL2000  - Sat Oct 01, 2016 11:21 am
1 Replies 
 5579 Views
 by EP_X0FF
 Sat Oct 01, 2016 12:32 pm
How do i analyze this strange ransomware ?
by r00tMe  - Thu Sep 29, 2016 11:03 pm
5 Replies 
 8064 Views
 by r00tMe
 Fri Sep 30, 2016 2:29 am
How to unpack Qadars?
by r00tMe  - Fri Sep 30, 2016 2:25 am
0 Replies 
 2228 Views
 by r00tMe
 Fri Sep 30, 2016 2:25 am
How to unpack Qadars?
by r00tMe  - Fri Sep 30, 2016 2:19 am
0 Replies 
 2224 Views
 by r00tMe
 Fri Sep 30, 2016 2:19 am
How to unpack Qadars?
by r00tMe  - Fri Sep 30, 2016 2:17 am
0 Replies 
 2215 Views
 by r00tMe
 Fri Sep 30, 2016 2:17 am
Hooking rundll32.exe
by snx90  - Tue Aug 30, 2016 2:44 pm
3 Replies 
 7903 Views
 by Munsta
 Fri Sep 16, 2016 2:30 pm
Ioctl_Tdi_Tl_Io_Control_Endpoint
by Carlbyte  - Sat Sep 10, 2016 6:49 pm
3 Replies 
 6192 Views
 by Carlbyte
 Mon Sep 12, 2016 11:12 pm
Registry Keys ROT13 Encrypted?
by waffles2.0  - Mon Sep 12, 2016 8:03 am
2 Replies 
 5916 Views
 by waffles2.0
 Mon Sep 12, 2016 2:44 pm
Code golfing to trigger false positives?
by qpok  - Sat Aug 27, 2016 7:25 am
4 Replies 
 6958 Views
 by geoffreyvdb
 Mon Aug 29, 2016 9:18 am
ntUnmapViewOfSection vs dll injection approach
by DMEW  - Sun Aug 21, 2016 6:16 pm
5 Replies 
 9453 Views
 by DMEW
 Fri Aug 26, 2016 3:32 pm
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 20