A forum for reverse engineering, OS internals and malware analysis 

Forum Statistics Last post
Kernel-Mode Development
Forum for discussion about kernel-mode development.
330 Topics 
1977 Posts
Re: WDM: calling MmGetSystemA…
 by freesauce
 Sun May 19, 2019 11:51 am
User-Mode Development
Forum for discussion about user-mode development.
128 Topics 
828 Posts
Re: Check if process is UWP a…
 by EP_X0FF
 Sun May 19, 2019 2:23 pm
Forum Statistics Last post
Device Driver Development for Beginners - Reloaded
by Evilcry  - Mon Oct 04, 2010 6:14 am
24 Replies 
 107877 Views
 by Pendragon
 Sun Oct 28, 2018 1:25 pm
Assembler Disassembler Engines
by Dreg  - Mon Mar 15, 2010 9:17 am
16 Replies 
 73999 Views
 by tangptr
 Mon Mar 20, 2017 11:53 am
Check if process is UWP application.
by Iradicator  - Thu May 02, 2019 7:29 am
1 Replies 
 157 Views
 by EP_X0FF
 Sun May 19, 2019 2:23 pm
1 Replies 
 49 Views
 by freesauce
 Sun May 19, 2019 11:51 am
Stealth Hook
by c6754  - Sat Feb 16, 2019 1:16 pm
3 Replies 
 1019 Views
 by R136a1
 Tue Apr 30, 2019 6:28 pm
3 Replies 
 154 Views
 by R136a1
 Sat Apr 27, 2019 9:07 pm
2 Replies 
 307 Views
 by Brock
 Tue Apr 16, 2019 12:42 pm
0 Replies 
 408 Views
 by j4ck
 Wed Mar 06, 2019 4:17 am
2 Replies 
 1068 Views
 by pointer
 Fri Feb 08, 2019 1:26 pm
4 Replies 
 1626 Views
 by pointer
 Sun Jan 27, 2019 6:33 pm
How to emulate LOW IL ?
by zer0cat  - Tue Jan 22, 2019 7:25 pm
6 Replies 
 1970 Views
 by Vrtule
 Fri Jan 25, 2019 10:13 pm
Detecting Physical Memory Mapping
by sdf90090  - Mon Jan 21, 2019 4:14 pm
1 Replies 
 947 Views
 by gandolf
 Thu Jan 24, 2019 3:19 am
Read Unknown Kernel Address In A Safe Way
by AxtMueller  - Mon Dec 31, 2018 3:44 pm
2 Replies 
 1539 Views
 by AxtMueller
 Thu Jan 17, 2019 7:36 pm
[C] HTTP-Downloader
by KarNak  - Sat Jan 12, 2019 11:32 am
5 Replies 
 1920 Views
 by AxtMueller
 Tue Mar 26, 2019 12:36 am
[C] UserMode = AdminMode Linux
by KarNak  - Sat Jan 12, 2019 11:39 am
1 Replies 
 774 Views
 by nimaarek
 Sat Jan 12, 2019 3:22 pm
Hook and replace Win32 application functions
by KarNak  - Sat Jan 12, 2019 11:29 am
0 Replies 
 633 Views
 by KarNak
 Sat Jan 12, 2019 11:29 am
Avoid undocumented API calls (RtlImageNtHeader)?
by j4ck  - Wed Dec 19, 2018 3:17 am
2 Replies 
 1637 Views
 by j4ck
 Wed Dec 19, 2018 4:12 am
0 Replies 
 1371 Views
 by pointer
 Wed Nov 28, 2018 12:29 pm
1 Replies 
 1625 Views
 by mrfearless
 Sun Oct 07, 2018 6:50 pm
PG check
by orwell  - Sun Sep 16, 2018 9:30 am
4 Replies 
 3137 Views
 by tangptr
 Tue Sep 18, 2018 12:33 pm
1 Replies 
 2030 Views
 by mrfearless
 Mon Sep 17, 2018 3:08 am
4 Replies 
 4769 Views
 by ptr
 Thu Aug 23, 2018 11:54 am
3 Replies 
 3269 Views
 by rkhunter
 Wed Aug 22, 2018 11:17 am
Probe kernel memory for read
by easy  - Sun Aug 12, 2018 7:45 am
3 Replies 
 10917 Views
 by tangptr
 Tue Aug 14, 2018 3:35 am
Hooking the offical way?
by rrr_rrr_111  - Mon Aug 06, 2018 8:23 pm
8 Replies 
 7702 Views
 by tangptr
 Mon Aug 13, 2018 7:09 am