On uninformed.org you can find a whitepaper which describes several ways to get your code covertly executed in the Windows kernel.
More on Windows Local Kernel-mode Backdoor Techniques
10 November 2007 | 13:44 | Forensics, Live Response, Security | 1 Comment | 970 Views
Malware Analysis with PEiD
11 November 2006 | 15:41 | Forensics, Live Response | 2 Comments | 2,604 Views
I’d like to comment on PEiD. If you have to analyse an unknown binary and would like to know some details about packers, compilers and crypto features, you should give PEiD a try.
Rootkits threat study
19 April 2006 | 11:49 | Security | No Comments | 2,119 Views
McAfee recently published a study about stealth malware – also known as Rootkits. Some of the key findings are:
