A forum for reverse engineering, OS internals and malware analysis 

Forum Statistics Last post
Kernel-Mode Development
Forum for discussion about kernel-mode development.
331 Topics 
1981 Posts
Re: Can the entire physical m…
 by feryno
 Fri Jun 14, 2019 4:54 am
User-Mode Development
Forum for discussion about user-mode development.
128 Topics 
829 Posts
Re: Check if process is UWP a…
 by Brock
 Thu Jun 13, 2019 8:19 pm
Forum Statistics Last post
Device Driver Development for Beginners - Reloaded
by Evilcry  - Mon Oct 04, 2010 6:14 am
24 Replies 
 108336 Views
 by Pendragon
 Sun Oct 28, 2018 1:25 pm
Assembler Disassembler Engines
by Dreg  - Mon Mar 15, 2010 9:17 am
16 Replies 
 74284 Views
 by tangptr
 Mon Mar 20, 2017 11:53 am
1 Replies 
 228 Views
 by feryno
 Fri Jun 14, 2019 4:54 am
Check if process is UWP application.
by Iradicator  - Thu May 02, 2019 7:29 am
2 Replies 
 412 Views
 by Brock
 Thu Jun 13, 2019 8:19 pm
6 Replies 
 1985 Views
 by pointer
 Sat May 25, 2019 12:35 am
1 Replies 
 162 Views
 by freesauce
 Sun May 19, 2019 11:51 am
Stealth Hook
by c6754  - Sat Feb 16, 2019 1:16 pm
3 Replies 
 1186 Views
 by R136a1
 Tue Apr 30, 2019 6:28 pm
3 Replies 
 242 Views
 by R136a1
 Sat Apr 27, 2019 9:07 pm
2 Replies 
 405 Views
 by Brock
 Tue Apr 16, 2019 12:42 pm
0 Replies 
 483 Views
 by j4ck
 Wed Mar 06, 2019 4:17 am
2 Replies 
 1149 Views
 by pointer
 Fri Feb 08, 2019 1:26 pm
How to emulate LOW IL ?
by zer0cat  - Tue Jan 22, 2019 7:25 pm
6 Replies 
 2042 Views
 by Vrtule
 Fri Jan 25, 2019 10:13 pm
Detecting Physical Memory Mapping
by sdf90090  - Mon Jan 21, 2019 4:14 pm
1 Replies 
 1031 Views
 by gandolf
 Thu Jan 24, 2019 3:19 am
Read Unknown Kernel Address In A Safe Way
by AxtMueller  - Mon Dec 31, 2018 3:44 pm
2 Replies 
 1626 Views
 by AxtMueller
 Thu Jan 17, 2019 7:36 pm
[C] HTTP-Downloader
by KarNak  - Sat Jan 12, 2019 11:32 am
5 Replies 
 2081 Views
 by AxtMueller
 Tue Mar 26, 2019 12:36 am
[C] UserMode = AdminMode Linux
by KarNak  - Sat Jan 12, 2019 11:39 am
1 Replies 
 846 Views
 by nimaarek
 Sat Jan 12, 2019 3:22 pm
Hook and replace Win32 application functions
by KarNak  - Sat Jan 12, 2019 11:29 am
0 Replies 
 689 Views
 by KarNak
 Sat Jan 12, 2019 11:29 am
Avoid undocumented API calls (RtlImageNtHeader)?
by j4ck  - Wed Dec 19, 2018 3:17 am
2 Replies 
 1712 Views
 by j4ck
 Wed Dec 19, 2018 4:12 am
0 Replies 
 1429 Views
 by pointer
 Wed Nov 28, 2018 12:29 pm
1 Replies 
 1705 Views
 by mrfearless
 Sun Oct 07, 2018 6:50 pm
PG check
by orwell  - Sun Sep 16, 2018 9:30 am
4 Replies 
 3216 Views
 by tangptr
 Tue Sep 18, 2018 12:33 pm
1 Replies 
 2084 Views
 by mrfearless
 Mon Sep 17, 2018 3:08 am
4 Replies 
 4841 Views
 by ptr
 Thu Aug 23, 2018 11:54 am
3 Replies 
 3339 Views
 by rkhunter
 Wed Aug 22, 2018 11:17 am
Probe kernel memory for read
by easy  - Sun Aug 12, 2018 7:45 am
3 Replies 
 10988 Views
 by tangptr
 Tue Aug 14, 2018 3:35 am