A forum for reverse engineering, OS internals and malware analysis 

Forum Statistics Last post
Kernel-Mode Development
Forum for discussion about kernel-mode development.
335 Topics 
1998 Posts
Re: Hooking the offical way?
 by sscalzo
 Thu Jul 11, 2019 3:10 pm
User-Mode Development
Forum for discussion about user-mode development.
128 Topics 
829 Posts
Re: Check if process is UWP a…
 by Brock
 Thu Jun 13, 2019 8:19 pm
Forum Statistics Last post
Device Driver Development for Beginners - Reloaded
by Evilcry  - Mon Oct 04, 2010 6:14 am
24 Replies 
 108874 Views
 by Pendragon
 Sun Oct 28, 2018 1:25 pm
Assembler Disassembler Engines
by Dreg  - Mon Mar 15, 2010 9:17 am
16 Replies 
 74578 Views
 by tangptr
 Mon Mar 20, 2017 11:53 am
Hooking the offical way?
by rrr_rrr_111  - Mon Aug 06, 2018 8:23 pm
9 Replies 
 8078 Views
 by sscalzo
 Thu Jul 11, 2019 3:10 pm
2 Replies 
 152 Views
 by Hippey
 Wed Jul 10, 2019 1:05 am
8 Replies 
 337 Views
 by Brock
 Tue Jul 09, 2019 11:04 am
0 Replies 
 103 Views
 by BastianSuter
 Mon Jul 08, 2019 7:12 pm
Force unload kernel driver
by 0xdeadc0de  - Thu Jul 04, 2019 10:17 pm
0 Replies 
 404 Views
 by 0xdeadc0de
 Thu Jul 04, 2019 10:17 pm
why ExFreePool will blue screen
by lwbkm  - Mon May 21, 2018 6:45 am
5 Replies 
 4393 Views
 by EP_X0FF
 Thu Jul 04, 2019 4:21 am
1 Replies 
 483 Views
 by feryno
 Fri Jun 14, 2019 4:54 am
Check if process is UWP application.
by Iradicator  - Thu May 02, 2019 7:29 am
2 Replies 
 851 Views
 by Brock
 Thu Jun 13, 2019 8:19 pm
6 Replies 
 2156 Views
 by pointer
 Sat May 25, 2019 12:35 am
1 Replies 
 255 Views
 by freesauce
 Sun May 19, 2019 11:51 am
Stealth Hook
by c6754  - Sat Feb 16, 2019 1:16 pm
3 Replies 
 1679 Views
 by R136a1
 Tue Apr 30, 2019 6:28 pm
3 Replies 
 498 Views
 by R136a1
 Sat Apr 27, 2019 9:07 pm
2 Replies 
 513 Views
 by Brock
 Tue Apr 16, 2019 12:42 pm
0 Replies 
 574 Views
 by j4ck
 Wed Mar 06, 2019 4:17 am
2 Replies 
 1273 Views
 by pointer
 Fri Feb 08, 2019 1:26 pm
How to emulate LOW IL ?
by zer0cat  - Tue Jan 22, 2019 7:25 pm
6 Replies 
 2153 Views
 by Vrtule
 Fri Jan 25, 2019 10:13 pm
Detecting Physical Memory Mapping
by sdf90090  - Mon Jan 21, 2019 4:14 pm
1 Replies 
 1150 Views
 by gandolf
 Thu Jan 24, 2019 3:19 am
Read Unknown Kernel Address In A Safe Way
by AxtMueller  - Mon Dec 31, 2018 3:44 pm
2 Replies 
 1747 Views
 by AxtMueller
 Thu Jan 17, 2019 7:36 pm
[C] HTTP-Downloader
by KarNak  - Sat Jan 12, 2019 11:32 am
5 Replies 
 2293 Views
 by AxtMueller
 Tue Mar 26, 2019 12:36 am
[C] UserMode = AdminMode Linux
by KarNak  - Sat Jan 12, 2019 11:39 am
1 Replies 
 937 Views
 by nimaarek
 Sat Jan 12, 2019 3:22 pm
Hook and replace Win32 application functions
by KarNak  - Sat Jan 12, 2019 11:29 am
0 Replies 
 769 Views
 by KarNak
 Sat Jan 12, 2019 11:29 am
Avoid undocumented API calls (RtlImageNtHeader)?
by j4ck  - Wed Dec 19, 2018 3:17 am
2 Replies 
 1831 Views
 by j4ck
 Wed Dec 19, 2018 4:12 am
0 Replies 
 1513 Views
 by pointer
 Wed Nov 28, 2018 12:29 pm