Type: Posts; User: xedi25

  1. Replies
    1
    Views
    4,810

    I have just added some new functions to LoadDLL:...

    I have just added some new functions to LoadDLL:


    So that means that now you can select if you want to execute an INT 3 right before the function is executed or the DLL is loaded! Yey!
    ...
  2. Replies
    0
    Views
    4,229

    Alternative Create Remote Thread

    Hi,

    I wrote this function 2-3 years ago when I was reverse engineering a malware which used this kind of technique:

    This project is an example of creating a remote thread into a process...
  3. Alternative Delete File / Using Native APIs to delete files

    Hi,

    check out this code:



    #include <windows.h>
    #include <iostream>

    //04913 FileDirectoryInformation = 1,
  4. Replies
    1
    Views
    4,810

    LoadDLL - RunDLL with GUI

    This program allows you to load DLLs on Windows. You can select how to load the DLL: by a direct Entry Point call (DllMain) or by directly calling an exported function of the DLL.
    ...
  5. Thread: EntropyDir

    by xedi25
    Replies
    0
    Views
    3,066

    EntropyDir

    Calculates the entropy of every file in a given directory and sorts them from high to low. Nice to have when malware dropped some packed files in a directory and you want to know which files are...
  6. Replies
    0
    Views
    2,808

    Malware Resource Scanner

    Malware Resource Scanner can identify PE files which are hidden in other PE file resources which are encrypted by an XOR key (up to an 8 Byte key). You can scan single files and you can also scan a...
  7. Replies
    0
    Views
    3,603

    Alternative IsDebuggerPresent

    My version of IsDebuggerPresent is working like the normal one but my version is able to detect emulation/debugging software with one little trick. At first I'm checking for the IsDebuggerPresent...
  8. Thread: Hi

    by xedi25
    Replies
    3
    Views
    2,310

    Windows. I'm quite good with Windows internal...

    Windows. I'm quite good with Windows internal stuff like PEB, TEB, anti debugging tricks, emulation etc.
  9. Thread: Hi

    by xedi25
    Replies
    3
    Views
    2,310

    Hi

    Hi guys, I'm a reverse engineer from Austria and yesterday I found out about garage4hackers on Twitter.
Results 1 to 9 of 9