My new tool, SpyDLLRemover is released on the RootkitAnalytics website. This tool helps in detecting and deleting userland based rootkits which hide the processes and injected modules to prevent their detection from antirootkit softwares. Here is the snapshot of SpyDLLRemover detecting the hidden process belonging to HackerDefender Rootkit. Here is another snapshot of SpyDLLRemover detecting […]
You are browsing archives for
Month: March 2009
RootkitAnalytics is Live Now
Finally RootkitAnalytics is on the world net now. Rootkit Analytics [RA] – the science of rootkit analysis, is a web-portal sculptured to enhance research, analysis and development of rootkit defense mechanisms. I am one of the lead member of RootkitAnalytics along with Ryan. Ryan specializes in Linux based rootkit analysis while I focus on Windows […]
Book of the Month : The Shellcoder’s Han
This is one of the best book written on most complex and interesting topics of computer security, ‘Discovering and Exploiting Security Holes’. It starts with explanation of different classes of security vulnerabilities such as stack overflows, heap overflows and format string bugs. Then it goes on describing the techniques to discover these flaws and then […]
Disabling Windows File Protection (SFC)
Lately I have been researching on Windows SFC (System File Checker) mechanism which is used to protect system files against accidental or deliberate modification. I have written about it in more detail as how this technique can be utilized to differentiate between system and normal components. Today while surfing on the net, I came across […]