...so the malware would finally shut up and run | mindless-area
Undocumented feature fights back - About a year ago, I started to wonder what’s the best way to write position-independent shellcode. What I was ideally looking for was some kind of “shellcode framework”. Something that would allow me to write nearly regular C/C++ code without too many restrictions and compile it into a position-independent... | mindless-area
The Nemesis of Virtual Machine Introspection - A story about how one scary function accompanied me for more than 5 years. The First Encounter: Once upon a time I was working on a “blue pill”-like hypervisor - hvpp - a small Windows driver that enables virtualization of the running system. The purpose was to monitor and research... | mindless-area
Remote kernel debugging (not only) your Windows on ARM | mindless-area
...re-discovering Heaven's Gate on ARM | mindless-area