A forum for reverse engineering, OS internals and malware analysis 

Forum for discussion about user-mode development.
Forum Statistics Last post
Windows 7 x64 SSDT question
by __fastcall  - Fri Nov 11, 2011 5:23 pm
4 Replies 
 5314 Views
 by __fastcall
 Mon Nov 14, 2011 1:54 pm
Cool fadeIn / fadeOut effect [ASM]
by Striker  - Fri Oct 28, 2011 10:30 pm
4 Replies 
 7221 Views
 by Striker
 Sat Oct 29, 2011 4:16 pm
4 Replies 
 5834 Views
 by rndbit
 Fri Oct 28, 2011 12:50 pm
Single_step and sysenter
by _Lynn  - Sat Sep 24, 2011 4:47 am
1 Replies 
 2962 Views
 by kmd
 Fri Oct 07, 2011 3:10 am
Detect hooks set with SetWindowsHookEx
by Tigzy  - Wed Sep 28, 2011 9:52 am
5 Replies 
 7851 Views
 by Vrtule
 Wed Oct 05, 2011 7:55 pm
Check for hooks/DLL injection
by Radovan  - Fri Jul 16, 2010 11:54 am
19 Replies 
 22747 Views
 by Fabian Wosar
 Wed Oct 05, 2011 1:26 pm
Dll injection prevention
by listito  - Wed Sep 28, 2011 10:56 am
19 Replies 
 20770 Views
 by Brock
 Sat Oct 01, 2011 12:14 pm
run an executable from memory
by ArkKup  - Mon Sep 19, 2011 9:20 am
0 Replies 
 2716 Views
 by ArkKup
 Mon Sep 19, 2011 9:20 am
About IsBadWritePtr?
by juan81  - Tue Aug 09, 2011 4:24 am
11 Replies 
 12949 Views
 by juan81
 Fri Sep 16, 2011 1:12 pm
crypto libraries with AVX & hardware AES support
by redp  - Sat Aug 27, 2011 12:31 pm
3 Replies 
 4123 Views
 by redp
 Sun Sep 11, 2011 2:19 pm
NtReadVirtualMemory
by jstar  - Sun Aug 21, 2011 11:53 pm
20 Replies 
 21061 Views
 by jstar
 Thu Aug 25, 2011 8:03 pm
Ring3 Windowed-Process Kill PoC
by Brock  - Fri Aug 12, 2011 10:47 pm
4 Replies 
 8182 Views
 by Brock
 Sat Aug 13, 2011 6:55 pm
problem in using NtSetInformationFile
by noppy  - Fri Jul 01, 2011 4:19 pm
2 Replies 
 4036 Views
 by noppy
 Fri Jul 01, 2011 8:29 pm
Hooking 32bit System Calls under WOW64 [oxff]
by Brookit  - Mon May 16, 2011 5:56 pm
0 Replies 
 2816 Views
 by Brookit
 Mon May 16, 2011 5:56 pm
SIDT privilleged?
by lorddoskias  - Wed May 11, 2011 12:07 am
1 Replies 
 3260 Views
 by EP_X0FF
 Wed May 11, 2011 1:47 am
How to determine dot net file
by kmd  - Tue Dec 21, 2010 2:47 am
4 Replies 
 7049 Views
 by EP_X0FF
 Wed Dec 22, 2010 2:27 pm
Breaking Prevx 3 self-protection
by EP_X0FF  - Tue Aug 03, 2010 9:55 am
59 Replies 
 81000 Views
 by EP_X0FF
 Tue Nov 30, 2010 5:58 pm
how to prevent windows message flood attacking
by sainfoin  - Sun Nov 07, 2010 2:42 am
9 Replies 
 15048 Views
 by xqrzd
 Mon Nov 08, 2010 3:05 am
How can I overwrite an MFT entry
by Mehdi  - Sun Oct 03, 2010 12:30 pm
4 Replies 
 7247 Views
 by Vrtule
 Wed Oct 06, 2010 11:42 pm
0 Replies 
 4531 Views
 by Not_ice
 Mon Aug 16, 2010 6:14 am
3 Replies 
 7339 Views
 by a_d_13
 Fri Aug 13, 2010 9:01 pm
2 Replies 
 5024 Views
 by Evilcry
 Mon Jun 21, 2010 5:52 am
15 Replies 
 22835 Views
 by Alex
 Thu May 13, 2010 7:49 pm
5 Replies 
 9240 Views
 by Evilcry
 Sun May 09, 2010 11:29 am
[solved] Dump Region
by NOP  - Fri Apr 09, 2010 6:59 pm
9 Replies 
 12665 Views
 by Buster_BSA
 Fri Apr 23, 2010 5:54 pm