2008-11-16

Native API in Windows

Sven B. Schreiber, Interfacing the Native API in Windows 2000 - with sample application using the undocumented NtQuerySystemInformation() function

Bypassing SFC/WFP (System File Checker/Windows File Protection)

Jeremy Collake - Hacking Windows File Protection - exposed methods: ntdll.NtDuplicateHandle() on corresponding winlogon handles, SfcTerminateWatcherThread(), SfcFileException() and sfc.dll/sfc_os.dll patching

2008-10-07

Regular expressions

Nikolai Weibull, Theoretical Foundation of Regular Expressions and Text Editors (PDF, thesis) - symbols, languages, grammars, regular expressions, finite automata, character sets (Unicode), pattern matching, and the inner and outer workings of a text editor

Brian W. Kernighan, Rob Pike, Regular Expressions: Languages, Algorithms, and Software - backtracking implementation

Russ Cox, Regular Expression Matching Can Be Simple And Fast (but is slow in Java, Perl, PHP, Python, Ruby, ...) - NFA, DFA, backtracking and performance...

2008-10-04

Analysing Malicious Code

Lars Haukli, Analysing Malicious Code: Dynamic Techniques (PDF, long) - API hooking, networking and virtualization, memory scanning and API monitoring, packers, structural analysis, automating analysis

2008-10-03

Gynvael Coldwind's papers

Michał Składnikiewicz, Fibers in a thread

Michał Składnikiewicz, Google Chrome's Sandbox + Is function hooking in Chrome really a security mechanism?

Michał Składnikiewicz, DLL spoofing (PL)

Michał Składnikiewicz, Virtual malware debugger-decompiler (PL, PDF, thesis)