December - 24 - 2006
Posted by Matthieu Suiche
I did a translation into English of my previous presentation, which explains how to realize a protector for IDT, SSDT, and syscall address on Windows 32 and 64 bits. The translation can be found at the following link: Windows Vista Kernel Security – [EN].ppt. I’m writing an article about it which will be released very …
December - 15 - 2006
Posted by Matthieu Suiche
Hi there! I’m proud to announce I did my first commit for tinykrnl! http://svn.reactos.ru/svn/tinykrnl?view=rev&revision=729 Cheers,
December - 11 - 2006
Posted by Matthieu Suiche
Hi there, today I did a presentation at the French engineering school named Ecole Normale Supérieure. French slides can be found at the following link: OSSIR – Windows Vista Kernel Security. In this presentation I’m showing an alternative theory to Patchguard on Windows Vista 32/64 bits. An article will soon be available.
December - 10 - 2006
Posted by Matthieu Suiche
This is a very interesting tool I did one year ago to realize a proof of concept of my IDT authenticity theory. The tool can be found at: IDTGuard v0.1. Note: This tool doesn’t work with Windows 2003 SP1 because I used \\PhysicalMemory (http://technet2.microsoft.com/WindowsServer/en/library/e0f862a3-cf16-4a48-bea5-f2004d12ce351033.mspx?mfr=true). The following paste is a sample of use with the 0x2D interrupt …