Windows Vista and unexported kernel symbols (Part II, 32bits version)
Articles, Reverse Engineering, Windows
This paper exposes part II of my previous article about Windows Vista and internal structures. This one is talking about the 32bits version and aims to show new authenticity tricks.
Download it from the following link:
Windows_Vista_32bits_and_unexported_kernel_symbols.pdf
Cheers,
Windows Vista 64-bits and unexported kernel symbols.
Articles, Reverse Engineering, Windows
Hi,
I’m gonna publish my (the?) first paper of the year 2007!! :)
This article is talking about Windows Vista 64bits and its system structures which are protected against rootkits. I also explain how these structures can be authenticated without Patchguard.
Windows Vista 64bits and unexported kernel symbols.pdf
Happy New Year !!!
Translation of my “Patchguard alternative theory” presentation!
Presentations, Reverse Engineering, Windows
I did a translation into English of my previous presentation, which explains how to realize a protector for IDT, SSDT, and syscall address on Windows 32 and 64bits.
The translation can be found at the following link: Windows Vista Kernel Security - [EN].ppt
I’m writing an article about it which will be released very soon.
Happy merry […]
First commit @ TinyKrnl !
Blogging, Programming, Reverse Engineering, TinyKRNL
Hi there!
I’m proud to announce I did my first commit for tinykrnl!
http://svn.reactos.ru/svn/tinykrnl?view=rev&revision=729
Cheers,
OSSIR - Windows Vista Kernel Security
Presentations, Reverse Engineering, Windows
Hi there,
Today I did a presentation at the French engineering school named École Normale Supérieure. French slides can be found at the following link: OSSIR - Windows Vista Kernel Security.
In this presentation I’m showing an alternative theory to Patchguard on Windows Vista 32/64bits.
An article will be available soon.