Sohail SahaUsing syscalls to bypass User-land EDR hooksThis post discusses direct and indirect syscalls, and showcases how to use this idea to bypass user-land EDR hooks.4d ago
Nikhil guptaVulnerable Windows Driver In a NutshellDisclaimer: The code and techniques provided in this blog are intended for educational purposes only. They are designed to help individuals…6d ago
Sohail SahaA Gentle Introduction to Syscalls in WindowsThis post introduces the concept of syscalls in Windows, and all the relevant prerequisite concepts — System services, SSDTs and SSNs.4d ago4d ago
Nikhil guptaAnatomy of State of the Art DebuggerDebuggers are specialized tools used by developers, security researchers, and reverse engineers to inspect the internal behavior of…Sep 14Sep 14
Sohail SahaUsing syscalls to bypass User-land EDR hooksThis post discusses direct and indirect syscalls, and showcases how to use this idea to bypass user-land EDR hooks.4d ago
Nikhil guptaVulnerable Windows Driver In a NutshellDisclaimer: The code and techniques provided in this blog are intended for educational purposes only. They are designed to help individuals…6d ago
Sohail SahaA Gentle Introduction to Syscalls in WindowsThis post introduces the concept of syscalls in Windows, and all the relevant prerequisite concepts — System services, SSDTs and SSNs.4d ago
Nikhil guptaAnatomy of State of the Art DebuggerDebuggers are specialized tools used by developers, security researchers, and reverse engineers to inspect the internal behavior of…Sep 14
Nikhil guptaAll kill Zero Fill — Anatomy of EDR KillersThe evolution of Antivirus (AV) technologies began in the early 1980s with signature-based detection, where AVs identified malware by…Sep 12
Nikhil guptaAnatomy of an Anti-Debugging MalwareAnti-debugging is a technique used by Malware developers to shield their malware from analysts who might attempt to analyze it or…Aug 15
Nasreddine BencherchaliDemystifying the “SVCHOST.EXE” Process and Its Command Line OptionsUnderstanding the “svchost.exe” process and its command line optionsSep 26, 20201