After I wrote about ‘Detecting System DLL’, some of my friends working on malware analysis asked for a tool that can show whether a particular file is protected by the SFC mechanism. I could not find any such tool and decided to write my own, SFCList. This tool helps to [...]
Read Full Post »
Recently, while working on a new tool, SpyDLLRemover, I had to separate out the operating system DLLs from others. To be precise, I needed a method to reliably detect a malicious DLL among all loaded DLLs of the process. This requires cornering the malicious DLL by eliminating legitimate DLLs from the [...]
Read Full Post »
Almost every developer knows the cost of using insecure string functions such as strcpy, which can lead to buffer overflow exploits. But no one knows the cost of using the secure string functions. Here is just an illustration of how much pain it can cause sometimes…
Have a look at the sample [...]
Read Full Post »
Nowadays it is very common to get infected even if you have the best antivirus software installed with the latest signatures. One of the main reasons is the rise of a new category of viruses that do not belong to any previously detected virus family. Also, virus writing has become [...]
Read Full Post »
This is the most incredible book ever written on the darkest area of the computer security world. The authors have done a splendid job of presenting the most mysterious subject of computer security in a very simple and easy-to-understand format.
Here is the detailed table of contents:
1. Leave No Trace.
Understanding Attackers’ Motives.
What Is a Rootkit?
Why [...]
Read Full Post »