Rootkits Hooking or Monitoring System calls in Linux using ftrace In this post we will see how you can use ftrace to hook Linux system calls. For learning purposes, we will create a kernel module that makes any target file immutable on the system. By Shubham Dubey 24 Sep 2021
Reverse engineering Remote debugging a Windows kernel driver (without symbols) using WinDbg In this post we are going to learn a few tips and tricks for debugging a Windows kernel driver without symbols in WinDbg. By Shubham Dubey 2 Jul 2021
Tutorial Developing and Installing your first Kernel driver in Windows 10 (under 10 min) Windows kernel development has become painful to follow after the many changes in how Windows handles drivers. In this article I will help you develop and install your driver in less than 10 minutes on Windows 10. By Shubham Dubey 10 Jun 2020
Virtualization Developing hypervisor from scratch: Part 4 - Setting up HOST and GUEST State In this article series you are going to learn how to develop your own hypervisor for virtualization in the Linux ecosystem. In this part we set up the HOST and GUEST state areas and finally execute vmlaunch. By Shubham Dubey 12 Nov 2019
Virtualization Developing hypervisor from scratch: Part 3 - Setting up VMCS In this article series you are going to learn how to develop your own hypervisor for virtualization in the Linux ecosystem. In this part we set up the VMCS structure. By Shubham Dubey 30 Sep 2019
Virtualization Developing hypervisor from scratch: Part 2 - VMXON Operation In this article series you are going to learn how to develop your own hypervisor for virtualization in the Linux ecosystem. In this part we execute the VMXON operation. By Shubham Dubey 9 Aug 2019
Virtualization Developing hypervisor from scratch: Part 1 - Intro and Setup In this article series you are going to learn how to develop your own hypervisor for virtualization in the Linux ecosystem. This series will also help you learn low-level virtualization. By Shubham Dubey 8 Aug 2019
Firmware Getting processor information using the cpuid instruction and inline assembly cpuid is a processor-specific instruction used to retrieve the processor's identification and feature information. In this post we are going to learn how to extract that information using inline assembly in C. By Shubham Dubey 19 Jul 2019
Malware Malware analysis interview questions with detailed answers (Part 1) Here is a series of important questions with detailed answers for malware analysis interviews. These questions can be helpful for both candidates and interviewers. By Shubham Dubey 3 Aug 2018
Security Creating an encrypted partition in Linux The risk of a system being physically compromised, particularly a portable system such as a laptop, puts sensitive data at risk. Encrypting its data mitigates the risk of exposure if the system is lost. By Kshitij Upadhyay 10 Feb 2018
Virtualization Creating an ARM architecture environment inside x86/x64 Linux If you want to get your hands on ARM assembly, you are probably wondering how to generate ARM assembly, or use the ARM toolchain in general, inside an Intel x86 or x64 system. In this article we explain how you can do that using QEMU and chroot. By Shubham Dubey 9 Feb 2018
Security Reduce Security Risks with SELinux Discover SELinux, a security module that adds an extra layer of access control. It implements mandatory access control (MAC) and is an integral part of RHEL's security policy. By Kshitij Upadhyay 3 Feb 2018
Exploit Development Exploiting an Off-by-One buffer overflow vulnerability An off-by-one vulnerability is somewhat difficult to find and hence can be present in large software. It can be caused by overlooking the fact that if the string you provide is not null-terminated, strcpy will still add a null terminator at the end of the string, By Shubham Dubey 29 Jan 2018
Containers Demystifying Linux Containers (LXC) Containers are the future when it comes to using and shipping applications. But Linux Containers (LXC) can be used for more than just that. This article covers using LXC day to day as well as in production. By Shubham Dubey 2 Jan 2018
Security Finding and removing malware from Windows in minimal steps using the Sysinternals suite Has your system ever been infected with malware? Did you know you can manually remove common malware with very little technical knowledge? In this article I will explain how to find malware using the Sysinternals suite. By Shubham Dubey 31 Dec 2017