September - 9 - 2009
Posted by Matthieu Suiche
Finally, I recently managed to find some time to update win32dd, now called windd and part of a project codenamed “Pangowings *” (inspired by the pangolin mammal). windd supports both 32-bit and 64-bit (x64-based, not Itanium) versions of Windows, from Windows XP to Windows 7. All executables (including drivers) are digitally signed. And I [ Read More ]
August - 2 - 2009
Posted by Matthieu Suiche
In Windows 7 build 7100, SYSTEM_INFORMATION_CLASS was updated, and some of its classes, like SystemLowPriorityInformation, were updated. Moreover, new classes were introduced, like SystemCommittedMemoryInformation. This useless post covers the SystemCommittedMemoryInformation class, which is part of the Windows 7 Memory Manager and aims at retrieving information about committed memory. Function: NtQuerySystemInformation Class: SystemCommittedMemoryInformation Privilege: None Output size: 0x10 [ Read More ]
June - 30 - 2009
Posted by Matthieu Suiche
Yesterday, I wrote a post about TwitPic and Twitter. On the TwitPic blog, we can read this: Yesterday we were made aware of a vulnerability with our email posting system that would allow someone to brute force someone’s Twitpic email PIN by trying every combination until one worked. A fix has been put [ Read More ]
June - 29 - 2009
Posted by Matthieu Suiche
Web vulnerabilities are lame and web developers too. We all know this. And here is what you can read on the @britneyspears Twitter account. Basically, TwitPic allows Twitter users to upload and post pictures to their Twitter status. How? You have to log in on the TwitPic website with your login and password, then upload your picture, and that’s it. [ Read More ]
June - 12 - 2009
Posted by Matthieu Suiche
(Honolulu, HW) – Here is a quick post to provide the resources presented this afternoon at Shakacon 2009. This talk aims to show win32dd users (forensics engineers, investigators, incident response engineers, ...) why physical memory analysis is important, and mainly covers how to rethink memory acquisition and exploitation in a more efficient way. Slides are [ Read More ]