Matthieu Suiche's blog

Archive for July 28th, 2008

Check your system virginity in less than 60 seconds.

July - 28 - 2008

Posted by Matthieu Suiche

Comments Off

Today, I wrote a tool called sym32guid which aims at retrieving all stored Program DataBase (*.PDB File) GUID (Globally Unique Identifier) from a physical memory dump. To do why? The first goal was to use use symbols as additional information regarding unexported functions like the über-famous msv1_0!MsvpPasswordValidate, but it looks it can also be used [ Read More ]

READ FULL POST

Twitter Updates

New commands in WinDbg 6.2.8102.0 http://t.co/Q91NXKLF # 2011/10/02

RT @joshuamsmith_: MoonSols DumpIt released free of charge. (dd for windows, great for forensics) very cool, thx to @MoonSols http://t.c ... # 2011/08/13

"Interesting Malware Trick" using MoonSols DumpIt http://t.co/ljlGpQJ # 2011/08/13

Remember 5-days private training are also available if you want to learn more. See http://bit.ly/l4RAxc for more information. #BlackHat # 2011/08/01

Second round of training about Advanced Physical Memory Acquisition and Analysis starting today ! #BlackHat #LasVegas # 2011/08/01

Happiness only real when shared.

Archive for July 28th, 2008

Check your system virginity in less than 60 seconds.

Twitter Updates

Featured Video

Sponsors

Keep connected

Recent Posts

Categories

Archives