Process Environment Block (PEB) is a user mode data structure which applies over a whole process. It is designed to be used by the application-mode code in the operating system libraries, such as NTDLL.dll, Kernel32.dll. Through the use of PEB one can obtain the list of loaded modules, process startup arguments, ImageBaseAddress, heap address, check […]
You are browsing archives for
Category: Computer Security
SEH Exploitation to Get Shell Access
Structured Exception Handling is a mechanism for handling both hardware and software exceptions in Windows OS. Structured exception handling enables us to have complete control over the handling of exceptions and it also provides support for debuggers as well. SEH exploitation is based on stack buffer overflow technique. It becomes easy to exploit a […]
Our Local Security Meet [14th September ...
Talks: 09:30 – 10:15: Webworkers for Beginners – Prasanna K Web workers are long-running scripts that are not interrupted by user-interface scripts (scripts that respond to clicks or other user interactions). Keeping such workers from being interrupted by user activities should allow Web pages to remain responsive at the same time as they are running […]
Bamital Analysis using Malpimp and Pymal
A couple of months ago, I released my two new tools Malpimp and PyMal for malware analysis. Malpimp aims at API tracing and PyMal is a general purpose malware analysis tool. In this blog I will discuss how to use both of them in malware analysis. As a case study I am using Bamital botnet […]
Our Local Security Meet on 24th August 2...
Talks: 09:30 – 10:00: WebSQL for Beginners – Prasanna K 10:00 – 10:10: Introductions 10:10 – 10:30: News bytes – Srinivas 10:30 – 11:00: Bit Coin Mining – Nikhil Kulkarni This talk would be about all you wanted to know about Bit Coins. Right from how it began, till how and where all it is […]
Announcing Results for the Student Mento...
We are very glad to announce the results of our mentorship programme, 2013. In the selection process we first shortlisted the participants on the basis of the answers they provided for questionnaire. The shortlisted candidates were then interviewed by our members. On the basis of their comments following students are selected for this programme. […]
Advanced Malware Analysis Training Sessi...
Here is the quick update on this month’s Local Security meet (SX/Null/G4H/owasp) and our advanced malware training session on Malware Memory Forensics. This is part of our FREE ‘Advanced Malware Analysis Training’ series started from Dec 2012. In this extended session, Monnappa explained extracting malware forensics artifacts from memory using Volatility – advanced memory […]
Advanced Malware Analysis Training Sessi...
Here is the quick update on this month’s Local Security meet (SX/Null/G4H/owasp) and our advanced malware training session on Sandbox Analysis. This is part of our FREE ‘Advanced Malware Analysis Training’ series started from Dec 2012. In this advanced session, Monnappa delivered extraordinary presentation on malware sandbox analysis explaining overview, architecture with examples. He […]
Mentorship Programme Application Form [2...
Today as we celebrate 6 years in our ‘Knowledge Sharing’ work, we are launching second edition of our Student Mentorship Programme. Application Form for session 2013-2014 is online now. To apply to this Mentorship Programme, aspiring students have to fill Mentorship Programme Application form. Please download the form from our Student Mentorship Page here Application […]
Advanced Malware Analysis Training Sessi...
Here is the quick update on this month’s Local Security meet (SX/Null/G4H/owasp) where Amit Malik delivered an advanced session on Anti-Analysis Techniques This is part of our FREE ‘Advanced Malware Analysis Training’ series started from Dec 2012. In this advanced session, Swapnil talked about various anti-analysis techniques involving anti-debugging, anti-vm, anti-anti-reversing along with practical […]