Reverse engineering

Compiling the Windows Kernel Driver

Introduction In the previous article, I've written and described a kernel mode driver, but I haven't actually done anything with it. There's something missi

Writing a Windows Kernel Driver

Introduction If you haven't read the first two articles yet, here and here, then you probably should, because they are essential to understanding what we'll

Dot NET Assemblies and Strong Name Signature

General Overview Before going any deeper on this subject, we need to clarify a huge ambiguity regarding signing for versioning and signing for protecting.[p

Windows Building Environment for Kernel Driver Development

Details of Driver Development Environment In the previous article, we saw that upon installing WDK 7.1.0, we got build environments for Windows 7, Windows S

Windows booting process

In the previous tutorial, we've seen how one would go about booting the Linux operating system by using GRUB. We presented the basic overview of the booting

Linux Booting Process

Introduction In this article, we'll take a closer look at the booting process of the Linux operating system. We've already described the booting process i

Windows Kernel Debugging Symbols and Commands

Introduction In this tutorial, we'll introduce a few basic tools that we need to have available when doing kernel debugging on Windows. Besides that, we'll p

The Sysenter Instruction and 0x2e Interrupt

In this article, we'll present a couple of examples where we'll be using the 0x2e int instruction to interrupt the kernel and call some interrupt service rou

Protected Mode and the IDT

Introduction The MSDOS system uses IVT (Interrupt Vector Table) to hold the interrupt vectors that are called whenever some action occurs: like an interrupt

Windows Architecture and User/Kernel Mode

Introduction Each process started on the x86 version of Windows uses a flat memory model that ranges from 0x00000000 – 0xFFFFFFFF. The lower half of the memory,