- ARTeam: Introduction To Malware Techniques and Logics Part 1
- Hook remote process.
- softwareshield
- anyone know the order in which PUSHAD works?
- where is xp manifest in simple "hello world"..?
- Exclusive known as xor crypto, how to read the uncrypted string
- Translation
- Strange problem when hotpatching function..
- Circumventing windows file protections...
- rekindled hope (maybe)
- DUMKOM anyone?
- v1.02 of the x86asm reference released
- indirect __stdcall function
- .Net -> How to close a external Msgbox !quick! ??
- Need to get contents out of TStringGrid
- Android - DEX file format
- ARTeam: Serial Fishing and Creating a Self Registering Program by R@dier
- Digging into RtlRemoteCall..by BanMe
- Hidden Kernel Module (Driver) detection techniques
- Setting the Event Pair of a Thread..
- From where FastPebLockRoutine is called?
- Thread32First / NtSuspendThread from DDK driver
- String search
- The Simple Client :}... very basic..
- Native_MapFile
- how to Continue the execution of the win32 subsytem..
- Hooking ZwAllocateVirtualMemory
- How to directly talk to USB device?
- FlexLM v8.x - Problem while trying to retrieve both encryption seeds
- Modifying NTDLL ?
- Hooking using a Linked List to specify the params..
- ARTeam: Patching Applications from Apple’s AppStore with additional protection by Re
- Dallas iButton
- How To protect my VB2008 App??
- Kernel modules loaded with broken PE header?
- Thread Based Code/behavior Profiler
- HASP SRM DeviceIo
- First MUP
- The Perfect Rootkit
- Reconstruct Delphi control classes
- some question about PE loader
- Saving Registers & Flags
- Random Data
- SIDT - Explanation
- About the 2 Flexlm ECC flag....
- Have Code ~ Will Unravel - Paladin?
- ARTeam: ezine number 4th just released
- DEBUGGER WITH GOOD ASSEMBLY in 64 BITS
- Rootkit Analytics
- Shellcode in C
- Anyone wanna help?
- an application with mixture of Delphi 7 and .NET
- ARTeam: Reversing Xilisoft, by Nieylana
- Need obfuscated .NET assemblies
- Enable Menuitem
- ARTeam: A Tales of Reversing & Keygenning Two MD5 Registration Schemas
- ExeCryptor Internals : Tutorials + Tools
- dotFuscator
- FlexLM 8.1b - VD customized
- Anybody know Hardlock Modad 507F ???
- Faking a file
- ARTeam: Unpacking 4 Simple Packers with IDA Videotut by TiGa
- CodeProject: Driver to Hide Processes and Files
- ARTeam: Defeating the Winlicense Main Executable version 2.0.5.0 by quosego
- fork is not inheriting all the threads from parent
- ARTeam: Unwrapping WildTangent Games, by Nieylana and SSlEvIN
- LINK:Detect Hidden Processes
- SecuROM v7 (+PA optional) available
- Strong names again...
- Regarding FLEXnet
- TLS Callback with invalid entries
- Reflective Dll Injection
- hello has anyone idea how to hook this weird / virtual function
- An Anti-Reverse Engineering Guide
- Windows Research Kernel
- [req] r0 loader for MP cpu
- Driver PE Header ImageBase modified by OS Loader
- Live messenger plugin development article published
- use of PhantOm Olly plugin no in Olly ?
- Creepy behaviour in syscall dispatcher hook
- freezing minifilter
- How does this cdrom driver hold the read data before return?
- Is this behaviour of Virtual Memory normal?
- ARTeam: xADT eXtensible Anti Debug Tester v1.4 by Shub-Nigurrath
- ARTeam: Bypassing TryGames Download Manager
- ARTeam: Inline Patching ActiveMark (AM) 6.3 Buy-Only Targets
- Help needed to know if thous 2 fails are encrpyted or not ?
- Operating System information
- Anybody has used Microsoft Base Smart Card CSP yet?
- Achilles Heel in the Philosophy of Prometheus Boundless Security Paper
- Tough .NET protection
- Use flair tool
- PEB.Ldr - Unlinking an entry
- ARTEam: ActiveMark 62 and 63 Superior Inline Patching Method by SSlEvIN
- ResumeThread & WaitForSingleObject in combination leads to a problem...
- declspec (naked) usage in dll
- Control an application behavior
- FlexLM on PA-Risc CPU ...
- Help on SetWindowsHookEx
- Code Section Modified after ZwMapViewOfSection
- LINK: Bypassing Patch Guard 3
- JDK classloader signature vs. JRE classloader signature
- help on finding kernel32.dll
- IDT
- Delphi Big Lib Signature Problem
- Help on IDT
- ARTeam: Generating Keys For TimePassages (EN/SP) by Nacho-Dj
- [help]function size
- a question from those who know how to develop drivers
- ARTeam: Signing Applications in ezMode for Symbian, by argv
- ARTeam: Primer on Reverse Engineering Symbian 3rd Applications v10, by argv
- good news for dk2/dk3 fans (deskey)
- ARTeam: searching for symbian reversers
- Wibu Gold Rolex Watch for Sale!
- Xenocode unpack
- assembler loader problem
- MACAddress
- FS Register
- Not quite hooking...
- reversing Qt programs
- Help discovering elements used to create a serial number
- Help about such a strange SEH trick
- Exotic Malware ?
- LINK: How to get the address of KeServiceDescriptorTableShadow
- Writing A Book On Computer Viruses
- Injecting Browser Helper Objects Remotely
- custom message on deletion of file...
- Accessing "in Use" Files == ?
- Some interesting papers and presentations from the 2008 CARO Workshop
- ARTeam: Primer on Reversing Jailbroken iPhone Native Applications v1.0
- ARTeam: Symbian Unleashed IDS Files For IDA Pro, EPOC6 && EPOC9 from argv
- Implementing Custom Subsystem == ?
- creating win32 api == ?
- Executable being rebased like a dll?
- The VMware VIX API
- CSP patching problem
- ARTeam eZine Issue III
- Arteam: Improved Disasm Dll (olly Engine), by CondZero
- ARTeam: AMDUMPV6.2 V2.0 by CondZero
- Reversing Windows hook chains
- win32 c processor only needed
- Overshadow: A Virtualization-Based Approach to Retrofitting Protection ..
- Weird dll hook thanks to Vista SP1
- hooking KiFastCallEntry
- Home made Java Virtual Machine
- Code Injection: Injecting an Entire C Compiled Application
- Hooking a member function from an injected DLL?
- SEH in Vista with ASLR?
- Reprise SW
- Vista x64 SP1 tcpip.sys runtime patching
- Question concerning .NET file format...
- Small Ndis miniport driver sample
- Vista Problem
- API Hooking
- Antidebuglib
- Enumerating 32-bit modules from an x64 application
- Crackz Nolan God help me out :P
- ARTeam: ArmaGeddon v1.0 Conceptual overview tool for unpacking Armadillo by CondZero
- using HID device in Driver and strange device corruption
- Binary radix tries
- Objective C
- assgin custom callback function to an edit field
- NASM - GUI related question
- Native NT Toolkit, First part (NDK headers) now available on Google Code
- .NET hooking
- NEW '_time' obfuscation area in FLEXlm v10
- Two VM detection methods, reported by Sirmabus
- Reversing C++
- ARTeam: Cracking & Unpacking ECompXL Packer V1 For Symbian Part3 by argv
- COM Interface problem!
- ARTeam: Cracking & Unpacking eCompXL packer V1 for Symbian Part2 by argv
- (x<<13) | (x>>3)
- ARTeam: Special Issue for SecuRom 7.30.0014 Take2 VM Analysis, deroko, 2kAD
- InTether Protection System Reversing...Reversing Kernel Code
- ARTeam: Cracking & Unpacking eCompXL packer V1 for Symbian
- Tool for check a valid PE Win32 File...
- ARTeam:ActiveMark62 Inline Patching by SSlEvIN (video tut)
- Run-time resolution of C++ virtual function addresses
- new ROCKEY?
- Reverse Engineering 'Reversity' Training Sessions - Free/Open
- Collection of anti debug tricks
- xml embed references. halp! :(
- LINK: Grafting Compiled Code: The Ultimate in Code Reuse
- HaspHL- Time Emulation Hangup
- need some help on a project...
- x64 and GetThreadContext() problems
- ARTeam: Macrovision InstallShield 2008 -Professional Edition [Short take] by condzero
- ARTeam: Notes on Reversing and Cracking Java Target Part 3 by ThunderPwr
- ARTeam: Boonty InSecure – Safecast 2.60.030 / FLEXnet dll Injection Method
- .NET strong name signature.
- brief insight into secu vm
- ARTeam: Notes on Reversing and cracking Java Target Part2
- Decompiling
- Reverse Engineering at University
- ARTeam: Dumping & Analysis ActiveMark V6.2x by Condzero
- ARTeam: Special Issue For SecuRom 7.30.0014 Complete Owning, AnonymouS, Human, derok
- Windows Anti-Debug Reference, nice collection of anti-debug tricks
- A question about creating process
- VM Snapshot Comparison to detect hidden files
- Modifying an online game
- HASP4 TIMEHASP confusion
- ARTeam: Notes on Reversing and Cracking Java Target
- Cracking .NET Applications "Step-By-Step"
- Arteam Collection, 220mb Of Tutorials And Tools, by scherzocrk
- FlexLm signatures file v9.2 or v10
- ARTeam: Reversing Of A Protection Scheme Based On Drivers: Sandboxie by Shub
- ARTeam: Symbian Symphony For 4 Crackmes And A Commercial Program, by Shub-Nigurrath
- Intel VT-x technology
- Looking for sentinel superpro 7.3 ida signature
- [ARTeam] generic unpacker source
- Keylok II Emu stuff
- Entropy
- ARTeam: AsProtect VM analyze
- HASPHL2006-7 & SENTEMUL2007
- Mysteries of win32k & GDI
- Virit antivirus?
- sentinel superpro
- New WIBU Envelope v5.20
- MIPS Decoding and Disassembly
- Emulator for old Hardlock algo.?
- Seedval Flexlm v11
- StrongNameIdentityPermission
- CGI
- ASM to C?
- Recovering seeds vendor daemon
- HASP HL - envelope problem
- Sentdos, dongle dos application
- Critical Section in ASM? Howto?
- Virtual Debugging in VMware
- Sentinel RMS
- unknown sentinel spro api
- Alexander Sotirov security vulnerabilities video
- How does AVP scan this virus "Backdoor.Win32.CFour"?
- A nasty id/pass scheme
- MFC question
- Obfuscation on Windows as well as on Linux
- License sheme
- haSploGer - Hasp4 / HaspHL Loger by Xyrurg && sataron
- Differences in 32-bit exception handling on 32- and 64-bit host OS
- Recognize any of these functions?
- GetProcAddress for win32api func
- Test for stack or heap
- Windows Inner working.
- Windows Research Kernel
- IDA introduces full decompilation (to source code, yes)
- Generating Virtual Machine Code
- Different papers about SMC, polymorph code and anti trace code...
- understanding disassembler lc_init
- AVPX 3.30 by z0mbie
- FlexLM makekey