Search Results

Found 16 blog topic(s) in 2ms. The latest articles will appear on top:

• 
  Things You Thought You Knew - Getting Windows Version

  How to tell the "real" version of Windows your app is running on?

  windows-internals

  win32

  reverse-engineer

  undocumented

  October 20, 2022

  by Dennis A. Babkin

  by Rbmm
• 
  Crazy APIs & Silly Documentation - Part 1

  Microsoft's MSDN faux pas & weird sh*t you can find while reverse engineering Windows.

  silly-doc

  weird-api

  windows-internals

  reverse-engineer

  win10

  first post

  July 31, 2022

  by Dennis A. Babkin

  by Rbmm
• 
  Incorrect COM initialization and sporadic crashes

  The perilous results of incorrect sequence of calls to CoInitialize and CoUninitialize functions.

  cpp

  win32

  com

  credential-provider

  bug

  windows-internals

  July 29, 2022

  by Dennis A. Babkin
• 
  When Developers Give Up - DeleteSecurityPackage Function

  Why it pays off to look into some Win32 functions with a disassembler.

  reverse-engineer

  undocumented

  windows-internals

  asm

  cpp

  debugger

  October 13, 2021

  by Dennis A. Babkin
• 
  Coding Windows Kernel Driver - InjectAll

  Making the Visual Studio solution for DLL injection into all running processes.

  windows-kernel

  win32

  windows-internals

  cpp

  msvs

  apc

  asm

  pe

  ...

  May 29, 2021

  by Dennis A. Babkin

  by Rbmm
• 
  Controlling Windows 10 Updates

  How to enable installation of updates or to prevent it during a reboot or shutdown.

  updates

  win10

  reverse-engineer

  windows-internals

  undocumented

  January 21, 2021

  by Dennis A. Babkin

  by Rbmm
• 
  Patching Bugs - Windows Update Service - Part 2

  Second custom patch for the DLL hijack bug in the Windows Update Service.

  win10

  updates

  bug

  reverse-engineer

  windows-internals

  January 12, 2021

  by Rbmm

  by Dennis A. Babkin
• 
  Patching Bugs - Windows Update Service

  Custom patch for the DLL hijack bug in the Windows Update Service.

  win10

  updates

  bug

  reverse-engineer

  windows-internals

  January 8, 2021

  by Dennis A. Babkin
• 
  Windows Authentication & Smart Cards

  A primer on the Windows authentication process, Kerberos, smart cards and password-less entry.

  credential-provider

  win-logon

  smartcard

  win10

  windows-internals

  December 22, 2020

  by Rbmm
• 
  Depths of Windows APC

  Aspects of internals of the Asynchronous Procedure Calls from the kernel mode.

  windows-internals

  apc

  windows-kernel

  win32

  cfg

  undocumented

  asm

  November 27, 2020

  by Rbmm

  by Dennis A. Babkin
• 
  Windows Security Legacy

  DLL Hijacking - Why running executables from a user-writable location is a bad idea.

  windows-internals

  pe

  win10

  vulnerability

  bug

  anti-malware

  cig

  mitigation-policy

  November 13, 2020

  by Dennis A. Babkin
• 
  Intricacies of Windows APC

  Deep dive into user-mode Asynchronous Procedure Calls in Windows.

  windows-internals

  win32

  apc

  November 11, 2020

  by Dennis A. Babkin

  by Rbmm
• 
  Deep Dive Into Windows PE Format - GetProcAddress Spoofing

  Malware researchers - Beware of GetProcAddress spoofing via manipulation of PE format in memory.

  windows-internals

  asm

  pe

  anti-malware

  msrc

  October 1, 2020

  by Dennis A. Babkin
• 
  Deep Dive Into Assembly Language - Windows Shellcode - GetProcAddress

  How to implement GetProcAddress in shellcode using x86-64 and x86 assembly language.

  windows-internals

  asm

  shellcode

  pe

  September 14, 2020

  by Dennis A. Babkin
• 
  Pwning Windows Updates - DLL Hijacking Through Orphaned DLL

  Exploiting bug in Windows Update Service to gain local privilege escalation through DLL hijacking.

  win10

  updates

  bug

  reverse-engineer

  windows-internals

  September 12, 2020

  by Dennis A. Babkin

  by Rbmm