Malware Owl (◎▼◎)

Anything POC / Learning

Relocation Table and Import Address Table (IAT) in Reflectively Loaded PE File

A dive into fixing the relocation table and the IAT by writing a reflective loader.

Quick Study of Bring Your Own Vulnerable Driver (BYOVD)

Quick Study of BYOVD including Root Cause Analysis and how it can be abused by attackers to disable or evade security solutions.

Alien Saboteur - HTB Cyber Apocalypse 2023

A quick writeup on a Virtual Machine Based CTF Challenge.

A quick Look at a Dropper and Downloader

Just a random quick analysis of a recent sample that was uploaded on VirusTotal. The first ever in this blog at least ...

Flare-on 9 - Challenge 9 and 11

This year's Flare-On was my third attempt and the first I have ever completed! I definitely had my share of pain and joy during the challenges. In this post, I share my writeup on challenges 9 and 11.

Trying out z3 Solver (DUCTF2022 - EZPZ RE + pwn)

I have always wanted to give z3 solver a try and had decided to use this for solving Ezpz from DUCTF2022.

Understanding 64 bits Windows 10 Shellcode (Calc.exe) - Part 2

Now that we have an understanding of how shellcode works, let's write one ourselves @.@

Understanding 64 bits Windows 10 Shellcode (Calc.exe) - Part 1

In this part, we will see how basic shellcode works: how we move from the TEB structure to the Kernel32.dll base address, then to WinExec's function pointer, and finally pop a calculator.
