Recently, I’ve been working on a task at work which required debugging a malicious Windows driver. To be able to do so, I had to set up a kernel-debugging environment — attach a debugger on my host to a target machine’s kernel. …

How to group entire MongoDB documents based on a certain field

This post serves as a note-to-self; it details a technical problem I had and which took me forever to overcome, or so it felt. Frustration level was high and Twitter is my witness.

Once solved, I couldn’t let the solution be forgotten and so I decided to carve it…

What For?

If you’ve ever written, read or reversed a Windows application you probably know that many Windows API functions have both an ANSI version (SomeFunctionA) as well as a Unicode version (SomeFunctionW).

Not too long ago, I read that many Windows “A” functions end up calling their corresponding “W” versions, after…

I have never managed to memorize all of x86 Assembly’s string instructions — so I wrote a cheat sheet for myself. Then I thought other people may find it useful too, and so this cheat sheet is now a blog post.

This is what you’ll find here:

  1. The logic behind…

Two months ago, my dear friend Carine-Belle sent me a tweet by Women In Tech Fund. The organization was giving five tickets to REcon — an annual reverse engineering conference held in Montreal — to five women whom they would find most suitable.

I decided to give it a shot…


Two weeks from today, the first Low Level & Security Celebration will take place. This event is organized by Baot and its goal is to attract more women into the low level and security fields.

I was given the amazing yet terrifying task of teaching the Reverse Engineering workshop. When…

In short: How to install and setup a network camera that is reachable from outside your private network.


I was never the one to handle connections, cables and routers, until I decided to start watching my two cats while at work (hopefully my boss isn’t reading this).

The two monsters, Xor and Malloc

My boyfriend insisted…

Ophir Harpaz

@ophirharpaz on Twitter. Security researcher at Guardicore. Reverse engineering enthusiast. Author of

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store