github.com
rwfpl (ReWolf) · GitHub
https://github.com/rwfpl
Http:/ blog.rewolf.pl. Mar 13, 2015. Helper library for x86 programs that runs under WOW64 layer on x64 versions of Microsoft Windows operating systems. Simple VM based x86 PE (portable exectuable) protector. Packer and unpacker for Might and Magic III CC file. Simple tool to bundle windows DLLs with PE executable. Helper utility for debugging windows PE/PE loader. 11 contributions in the last year. Summary of pull requests, issues opened, and commits. Learn how we count contributions.
gdtr.wordpress.com
ROPC — Turing complete ROP compiler (part 3, implementation) | GDTR
https://gdtr.wordpress.com/2014/07/31/ropc-turing-complete-rop-compiler-part-3-implementation
False prophecies delivered with Internet speed! ROPC Turing complete ROP compiler (part 3, implementation). ROPC Turing complete ROP compiler (part 3, implementation). This is the third (and last) post in a series (first post here. Describing implementation of its features like tables, conditional jumps, recursive calls, etc. Please familiarize yourself with the two first posts, otherwise this one might be hard to follow. After our ROP program finishes executing the main. If implementation of function F.
gdtr.wordpress.com
pakt | GDTR
https://gdtr.wordpress.com/author/gdtr
False prophecies delivered with Internet speed! ROPC Turing complete ROP compiler (part 3, implementation). This is the third (and last) post in a series (first post here. Describing implementation of its features like tables, conditional jumps, recursive calls, etc. Please familiarize yourself with the two first posts, otherwise this one might be hard to follow. ROPC Turing complete ROP compiler (part 2, language). This is the second post in a series (first post here. DeCV — a decompiler for Code ...
pwningmad.wordpress.com
About | Pwning Mad
https://pwningmad.wordpress.com/about
Leave a Reply Cancel reply. Enter your comment here. Fill in your details below or click an icon to log in:. Address never made public). You are commenting using your WordPress.com account. ( Log Out. You are commenting using your Twitter account. ( Log Out. You are commenting using your Facebook account. ( Log Out. You are commenting using your Google account. ( Log Out. Notify me of new comments via email. TU CTF 2016 – WhereHereticsSuffer Stage2 (150). SharifCTF Network Forensics task writeup.
codereversing.com
RCE Endeavors » About
http://www.codereversing.com/blog/about
The End of the World. December 5th, 2014. This page will be updated as the blog develops. Or follow on Twitter: @CodeReversing. E-Mail (will not be published) (required). Subscribe to comments feed. Hekate: x86/x64 Winsock Inspection/Modification (Alpha dev release). Manually Enumerating Process Modules. Stealth Techniques: Hiding Files in the Registry. Pepex – ZIRCONIC. On Hiding Functionality with Exception Handlers (1/2). Pepex – ZIRCONIC. On Hiding Functionality with Exception Handlers (1/2).
codereversing.com
RCE Endeavors » Nop Hopping: Hiding Functionality in Alignment
http://www.codereversing.com/blog/archives/226
The End of the World. Nop Hopping: Hiding Functionality in Alignment. Nop Hopping: Hiding Functionality in Alignment. May 17th, 2015. The NOPs are shown after the. These NOP blocks are all over the place; they’re inside the main executable, and in each loaded library. This gives a very. API along with Module32First. These will return the base address of the image and its libraries as well as their sizes in memory. ModuleMap GetModules (. DWORD dwProcessId ). ModuleMap mapModules ;. DWORD PTR dwBase =.
codereversing.com
RCE Endeavors » 2015 » May
http://www.codereversing.com/blog/archives/date/2015/05
The End of the World. Archive for May, 2015. Nop Hopping: Hiding Functionality in Alignment. May 17th, 2015. The NOPs are shown after the. These NOP blocks are all over the place; they’re inside the main executable, and in each loaded library. This gives a very. API along with Module32First. These will return the base address of the image and its libraries as well as their sizes in memory. ModuleMap GetModules (. DWORD dwProcessId ). ModuleMap mapModules ;. TH32CS SNAPMODULE, dwProcessId ). MEMORY BASIC ...
codereversing.com
RCE Endeavors » Extending External Window Functionality
http://www.codereversing.com/blog/archives/82
The End of the World. Extending External Window Functionality. Extending External Window Functionality. April 17th, 2011. HWND hWnd ;. HMENU hMenuBar ;. HMENU hAddedMenu ;. LONG PTR PrevWndProc ;. DWORD MENUITEM ID =. PROCESSWNDINFO g WindowInfo ;. LRESULT CALLBACK SubclassWndProc (. HWND hWnd, UINT Msg, WPARAM wParam, LPARAM lParam ). MB ICONASTERISK ). G WindowInfo. PrevWndProc. HWnd, Msg, wParam, lParam ). BOOL CALLBACK EnumWindowProc (. HWND hWnd, LPARAM processId ). INT WINDOW LENGTH =. This handle ...
SOCIAL ENGAGEMENT