RCE Messageboard's Regroupment > Archived Forums: Read-Only > Forums > Blogs Forum

Pages : 1 2 [3] 4

501. Beware of stack usage with the new network stack in Windows Vista (0 replies)
502. Activating process servers and connecting to them (0 replies)
503. Remote debugging with process servers (dbgsrv) (0 replies)
504. Reverse debugging -server and -remote (0 replies)
505. Win32 calling conventions: __thiscall in assembler (0 replies)
506. Overview of WinDbg remote debugging (0 replies)
507. Win32 calling conventions: __stdcall in assembler (0 replies)
508. Win32 calling conventions: Concepts (0 replies)
509. Remote debugging with kdsrv.exe (0 replies)
510. Remote debugging review (0 replies)
511. Win32 calling conventions: __fastcall in assembler (2 replies)
512. Ollydbg v1.10 and 6E/6F/A6 opcodes, a little oversight (1 replies)
513. Securing -server and -remote remote debugging sessions (0 replies)
514. Remote debugging with -server and -remote (0 replies)
515. Remote debugging with KD and NTSD (0 replies)
516. Remote debugging with remote.exe (0 replies)
517. Win32 calling conventions: Usage cases (0 replies)
518. Win32 calling conventions: __cdecl in assembler (0 replies)
519. Tracing Over System Calls In OllyDbg (16 replies)
520. DynLogger (13 replies)
521. Some functions are neater than the decompiler thinks (0 replies)
522. Self-modifying TLS callbacks (4 replies)
523. Symbian debugger (0 replies)
524. Trojan-PSW.Win32.OnLineGames.eos Reversing (0 replies)
525. Compiler 1, X86 Virtualizer 0 (2 replies)
526. IDA disasms reserved opcodes, is it a bug? (3 replies)
527. Weird export forwarding thanks to Vista x64 SP1 (3 replies)
528. Symbian AppTRK (0 replies)
529. Inside Session 0 Isolation and the UI Detection Service - Part 2 (0 replies)
530. Process Memory Dumper for Credentials Disclosure Vulns (2 replies)
531. Cross Your T's and Dot Your Filenames (0 replies)
532. Hello Symbian! (0 replies)
533. (Part 2 of .NET native exe insights)Serial fishing and patching .NET exes with Ollydb (9 replies)
534. Rebuilding native .NET exes into managed .NET exes by Exploiting lefotver IL... (6 replies)
535. Some Quick Insights Into Native .NET exe's (part 1 of?) (7 replies)
536. Reverse Engineering Position- TS/SCI Required (12 replies)
537. Symbol Type Viewer 32Bit/64Bit v1.0.0.3 (1 replies)
538. Non-continuable exception trick (1 replies)
539. Inside Session 0 Isolation and the UI Detection Service - Part 1 (0 replies)
540. Something different part 2 (0 replies)
541. New Hex-Rays Demo (1 replies)
542. Different versions of Windows kernel structures (1 replies)
543. gee mail patented algorithm (2 replies)
544. Pythonic way (4 replies)
545. Working? with protected processes in NT 6 (0 replies)
546. Alignment check (0 replies)
547. Re: RtlRemoteCall (0 replies)
548. hm (0 replies)
549. Running Win32 program ASAP after Nt boot (0 replies)
550. Microsoft's Rich Signature (undocumented) (32 replies)
551. Tricky jump tables (0 replies)
552. Reverse Engineering the flash virtual machine (3 replies)
553. Collaborative RCE Tool Library (CRCETL) site update (1 replies)
554. Two Extensions added into Collaborative RCE (2 replies)
555. Why does every heap trace in UMDH get stuck at "malloc"? (0 replies)
556. SoftICE Installation. (23 replies)
557. Easy structure types (0 replies)
558. Eeye BinDiffing Trick (3 replies)
559. Industrial-Grade Binary-Only Profiling and Coverage (1 replies)
560. Refreshing the Taskbar Notification Area (3 replies)
561. Idc script and stack frame variables length (0 replies)
562. Shellcode Analysis (0 replies)
563. SpyShredder Malware Spammed on OpenRCE (0 replies)
564. Array Indexing Quirk (0 replies)
565. MRXDAV.SYS and Hex-Rays Decompiler (0 replies)
566. Shellcoding on Windows: Part II - Stack Overflow Problems (1 replies)
567. Updated ExtraPass plug-in 2.1, and APIScan (2 replies)
568. dr7.gd on mp systems running sice (5 replies)
569. PE Validator Script (2 replies)
570. Thread Optimization Checks : Code Prominence (0 replies)
571. Run-time determination of VC++ virtual member function addresses: Take II (3 replies)
572. Immunity Debugger v1.4 (0 replies)
573. Debugger and process memory (0 replies)
574. KeGetCurrentIrql can't return HIGH_LEVEL (6 replies)
575. aMSN Input Validation Error (2 replies)
576. Direct3D 9 Hook v1.1 (3 replies)
577. Jump tables (0 replies)
578. Something different (0 replies)
579. Shellcoding on Windows: Part I (0 replies)
580. ActiveX - Active Exploitation (0 replies)
581. Context-keyed Payload Encoding (0 replies)
582. Improving Software Security Analysis using Exploitation Properties (0 replies)
583. An Objective Analysis of the Lockdown Protection System for Battle.net (0 replies)
584. FPU Tracer v0.0.1 released (0 replies)
585. .NET unpackme (3 replies)
586. softice nmi hook (4 replies)
587. ScTagQuery: Mapping Service Hosting Threads With Their Owner Service (2 replies)
588. Virtual Machine detection method cd. (0 replies)
589. Old new Virtual Machine detection method. (0 replies)
590. Compiler Optimizations Regarding Structures (0 replies)
591. HP printer and cpu at 100% (4 replies)
592. Binary Search in Large-Scale Structure Recovery (0 replies)
593. Again on Visual Basic (0 replies)
594. GUID-Finder IDA Plug-in (0 replies)
595. Explorer Suite III (CFF Explorer VII) (7 replies)
596. Reversity Speech and Logs Available (10 replies)
597. Control Flow Deobfuscation Part 1 (4 replies)
598. Dvd movie and easter egg (7 replies)
599. A catalog of NTDLL kernel mode to user mode callbacks, part 5: KiUserCallbackDispatch (0 replies)
600. Thread Local Storage, part 2: Explicit TLS (0 replies)
601. Thread Local Storage, part 3: Compiler and linker support for implicit TLS (0 replies)
602. Thread Local Storage, part 4: Accessing __declspec(thread) data (0 replies)
603. Thread Local Storage, part 5: Loader support for __declspec(thread) variables (proces (0 replies)
604. Thread Local Storage, part 6: Design problems with the Windows Server 2003 (and earli (0 replies)
605. Thread Local Storage, part 7: Windows Vista support for __declspec(thread) in demand (0 replies)
606. Thread Local Storage, part 8: Wrap-up (0 replies)
607. How does one retrieve the 32-bit context of a Wow64 program from a 64-bit process on (0 replies)
608. Viridian guest hypercall interface published (0 replies)
609. Why are certain DLLs required to be at the same base address system-wide? (0 replies)
610. A catalog of NTDLL kernel mode to user mode callbacks, part 1: Overview (0 replies)
611. A catalog of NTDLL kernel mode to user mode callbacks, part 2: KiUserExceptionDispatc (0 replies)
612. A catalog of NTDLL kernel mode to user mode callbacks, part 3: KiUserApcDispatcher (0 replies)
613. A catalog of NTDLL kernel mode to user mode callbacks, part 4: KiRaiseUserExceptionDi (0 replies)
614. Thread Local Storage, part 1: Overview (0 replies)
615. The optimizer has different traits between the x86 and x64 compilers (0 replies)
616. Compiler tricks in x86 assembly: Ternary operator optimization (0 replies)
617. A catalog of NTDLL kernel mode to user mode callbacks, part 6: LdrInitializeThunk (13 replies)
618. Reversing the V740, part 4: Implementing a solution (4 replies)
619. Common WinDbg problems and solutions (0 replies)
620. Fast kernel debugging for VMware, part 1: Overview (0 replies)
621. Fast kernel debugging for VMware, part 2: KD Transport Module Interface (0 replies)
622. Fast kernel debugging for VMware, part 3: Guest to Host Communication Overview (0 replies)
623. Fast kernel debugging for VMware, part 5: Bridging the Gap to DbgEng.dll (0 replies)
624. Fast kernel debugging for VMware, part 6: Roadmap to Future Improvements (0 replies)
625. VMKD 1.1.1.7 released (0 replies)
626. I tend to prefer debugging with release builds instead of debug builds. (0 replies)
627. The default invalid parameter behavior for the VC8 CRT doesnâ??t break into the debug (0 replies)
628. Why doesn't the publicly available kernrate work on Windows x64? (and how to fix it (0 replies)
629. Reversing the V740, part 1: Rationale (0 replies)
630. Reversing the V740, part 2: Digging deeper: The connection manager software (0 replies)
631. Reversing the V740, part 3: The V740 abstraction layer module (0 replies)
632. Fast kernel debugging for VMware, part 4: Communicating with the VMware VMM (0 replies)
633. More packer analysis (0 replies)
634. Packer analysis (1 replies)
635. Debugging a custom unhandled exception filter (0 replies)
636. Collaborative RCE Tool Library contents so far (7 replies)
637. ImageRemCert - Removes certificate from PE image. (4 replies)
638. CommWarrior.B Thorough IDB (ARM/C++) (1 replies)
639. MemInfo: Peer Inside Memory Manager Behavior on Windows Vista and Server 2008 (12 replies)
640. dr7.gd - dr6 saving (4 replies)
641. Better user interface for decompiler (3 replies)
642. The Windows Vista Issue (23 replies)
643. Weird Code: CCs On The Stack (0 replies)
644. Windbg “dt” output converter (5 replies)
645. MmGetSystemRoutineAddress : forwards on vista (11 replies)
646. Traversing Offset Semantics : Walking Along the Curb (2 replies)
647. The Collaborative RCE Tool Library (1 replies)
648. syscall fuzzer (0 replies)
649. The secret project finally revealed... (1 replies)
650. Site Relaunch (3 replies)
651. A framework to take the tedium out of code-injection in C++ (3 replies)
652. Beware of int 2c instruction (3 replies)
653. IDC scripting a Win32.Virut variant - Part 1 (4 replies)
654. IDC scripting a Win32.Virut variant - Part 2 (11 replies)
655. Nanomites by Deroko (0 replies)
656. Hang problem due to Hooking Curb in Codes. (0 replies)
657. Vaughn Of The Dead Pt III: Some small-fry (0 replies)
658. Armadillo, Nanomites and vectored exception-handling (8 replies)
659. Recent Events (0 replies)
660. Update on Driver Signing Bypass (0 replies)
661. Windows Vista 64-bit Driver Signing/PatchGuard Workaround (0 replies)
662. Behind Windows x64's 44-bit Virtual Memory Addressing Limit (0 replies)
663. Purple Pill: What Happened (0 replies)
664. Secrets of the Application Compatilibity Database (SDB) - Part 4 (0 replies)
665. Why Protected Processes Are A Bad Idea (3 replies)
666. New Object Manager Filtering APIs (0 replies)
667. Vista DRM Issue Aftermath (0 replies)
668. Rebooting from Kernel Mode (0 replies)
669. How I cracked the iTunes 7 DRM, Pt V (7 replies)
670. Run-time determination of VC++ 2005 virtual member function addresses (0 replies)
671. RCE essentials: PEiD (0 replies)
672. Case study: Fraps (0 replies)
673. How I cracked the iTunes 7 DRM, Pt III (0 replies)
674. DLL injection via CreateRemoteThread (0 replies)
675. Drawing on another Direct3D program's viewport (1 replies)
676. Bypassing IsDebuggerPresent (3 replies)
677. How I cracked the iTunes 7 DRM, Pt I (0 replies)
678. How I cracked the iTunes 7 DRM, Pt II (0 replies)
679. How I cracked the iTunes 7 DRM, Pt IV (3 replies)
680. RDP Botnets : Malware Google Dorking - Not an Easy Task (0 replies)
681. Is Win32 A Debugging API? If Not, How Close Is It? (11 replies)
682. Reversing a ZLib-Obfuscated? Network Protocol (0 replies)
683. Exploring Protocols 2: Writing some tools (0 replies)
684. Exploring Protocols - Part 1 (0 replies)
685. MITMing an SSLized Java App (0 replies)
686. Analyzing Mac OS X Applications 101: CrashReporter and Malloc (0 replies)
687. Refreshing Change Of Pace: Actual Technical Discussions at Nate's Blog (0 replies)
688. Mystery Vulnerability Theater 3000: Part I (0 replies)
689. ridiculous_fish Open-Sources HexFiend! (0 replies)
690. BinNavi Traces IOS and ScreenOS. It's On, Yo. (0 replies)
691. Experimenting with IDA 5.2's scriptable debugger (2 replies)
692. Undocumented Windows 2000 Secrets - free pdf edition (0 replies)
693. Auditing Oracle with Cesar Cerrudo (0 replies)
694. PaiMei / PIDA Fun (0 replies)
695. Breaking in DAV RPC INTERFACE : Peripherals (0 replies)
696. Decompiler output ctree (0 replies)
697. Intrinsic "_ReturnAddress()" C/C++ WTF! (1 replies)
698. New face and new concept for the Reverse Code Engineering Video Portal (2 replies)
699. Small PyDBG Enhancements Incoming (0 replies)
700. Packet Sniffing With ImmunityDebugger (0 replies)
701. Grey Box Web Application Testing With Immunity Debugger (0 replies)
702. Visual Patterns for File Format Fuzzing (0 replies)
703. Reliability of Pseudo Registers in Bug Tracking (0 replies)
704. Python + Microsoft Minidumps (0 replies)
705. Dissecting Windows XP Svchost Internals : Traversing Core Parameters (0 replies)
706. Stack Unwinding : Reliability Panorama (0 replies)
707. An "extra pass" for IDA Pro (2 replies)
708. Hardware Breakpoints : Stature (0 replies)
709. Comming soon! Uber process hooking/detour system! (3 replies)
710. My Training Class (0 replies)
711. Vista Heap, Controlling the Determinism. (0 replies)
712. For those who miss it: Immunity Debugger v1.2 Release (0 replies)
713. Immunity Debugger v1.1 Release (0 replies)
714. Updated APIScan (1 replies)
715. Embedded Portable Executable File (0 replies)
716. Real Time Tracing (0 replies)
717. My first entry (0 replies)
718. Another IDA script: Dump section (0 replies)
719. Assembly Custom GetProcAddress (0 replies)
720. IDA's .IDS Files Part I (0 replies)
721. IDA's .IDS Files Part II (0 replies)
722. ProcDump Thorough IDB (0 replies)
723. T2 2006 VM Analysis (0 replies)
724. Syscall lister (0 replies)
725. Mysteries of win32k & GDI - Win32Thread (0 replies)
726. Null pointer dereference in win32k (0 replies)
727. Immunity Debugger is now released! (0 replies)
728. Immunity Debugger Plugin Awards (0 replies)
729. Dancing with exceptions (4 replies)
730. Future occupation: Archeological reverser? (0 replies)
731. Automating analysis with PyDbg (0 replies)
732. Interesting primer on Virtualization from VMware (0 replies)
733. Mass deface with RFI scanners (0 replies)
734. Semi-automatic import recovery (0 replies)
735. ExeCryptor's code morphing "technology" (0 replies)
736. Why VMware is bad for shareware? (3 replies)
737. Radio? (0 replies)
738. Komodo Edit 4.2 released (0 replies)
739. Visual Basic DllFunctionCall (0 replies)
740. A new player in the virtualization arena for Mac (0 replies)
741. VMWare Fusion? (0 replies)
742. HELLO! (0 replies)
743. OUTLAW ROOTKITS? (0 replies)
744. LINUX AT LAST! (0 replies)
745. Adding IDC commands to the out-of-the-box set (0 replies)
746. Scripting fun (0 replies)
747. EXPLICATOR? (0 replies)
748. On batch analysis (0 replies)
749. Dynamic coloring (0 replies)
750. Does 'return' come back? (0 replies)

Powered by vBulletin® Version 4.2.2 Copyright © 2018 vBulletin Solutions, Inc. All rights reserved.