LiveCloudKd :: Debugging the clouds from the Moon
In case you don’t have seen LiveCloudKd yet, you should go there
http://moonsols.com/blog/15-livecloudkd-debugging-the-clouds-from-the-moon
Trainings in Paris and Las Vegas
If you want to register to a Advanced Windows Physical Memory Analysis to mastering Windd click HERE or HERE
New direction
As you have seen, I didn’t update this blog since a while – There is a reason. I started my own company called “MoonSols”.
I released my first product called “MoonSols Windows Memory Toolkit”. And slides of my last talks at JSSI (Paris, France) and CanSecWest (Vancouver, Canada).
By there way, there is also a twitter feed : @MoonSols
BlackHat DC 2010 – Mac OS X Physical Memory Analysis
Washington D.C. – BlackHat D.C. 2010 Edition is now over. For people who attended or missed the talk, slides are now online. [slides] [more]
MSDN – Matthieu Suiche Developer Network .. and Merry xmas!
Here is my christmas gift for people who reads this blog. If you are looking for structures/types/enums definition which are not necessary in the Official MSDN just refer to the alternative MSDN at the following address: MSDN – Matthieu Suiche Developer Network.
You might have seen this project earlier if you are on Twitter :-)
Structures and enums definition comes from public PDB files provided by Microsoft.
This web interface provides offsets, names, and links to corresponding structures/fields of Windows Kernel. Supported versions are, at the moment, Windows 7 RTM (both x64 and x86 architectures), Windows Vista SP2 (both x64 and x86 architectures) and Windows XP SP2 (x86).
Here is a sample for KUSER_SHARED_DATA of Windows 7 RTM x86, and another one for POOL_HEADER of Windows Vista SP2 x64.
Unlike Nirsoft website, I also provide offsets and a wider choice of Operating Systems.
Merry Xmas!
