In this awesome presentation, Raghav Pande explained the concept of public protections and showed how public exploit mitigation toolkits are not enough to protect from a targeted attack as well as how easy it is to evade all public protections. Presentation:
You are browsing archives for
Category: Windows Security
SX 4th Meetup – Exposing the secrets of
In this awesome presentation, Subrat Sarkar explained the concepts of Windows logon mechanism, Windows Logon architecture, Windows credential provider and showed how an attacker can take advantage of credential provider to steal Windows password in plain text and how to find and mitigate this issue. Presentation:
PE File Overview
PE stand for Portable Executable that is native file format for Win32. Portable Executable file format is universal across all win32 platform. All Win32 executables like Control Panel Applets (.CPL ), 32bit DLLs, COM files, .NET executables and also NT’s kernel mode drivers. Note that VxDs(virtual device drivers) and 16 bit DLLs not use PE […]
Shellshock- the Destroyer
Shellshock – the latest vulnerability that was disclosed on 24 September 2014. Shellshock is also known as BASH Bug or Bashdoor. Firstly the original bug discovered by Stéphane Chazelas on 12 September 2014 and suggested the name “bashdoor” to it. Common Vulnerabilities and Exposures (CVE) identifier assigned to it is CVE-2014-6271. This bug exploit worldwide […]
Session 4 – Assembly Programming Basics
When we analyse malwares we don’t have the source code. So in order to understand their logics we have to debug binaries (i.e. compiled form of source code like .exe, .dll etc.). In debugging we need to understand assembly of the program to build a high level logic. In short without assembly language you can’t […]
Session 3 – Windows PE File Format Basic
This session is one of the most important session of the entire course. PE file format is the windows executable file format and a very good understanding of it will allow you to understand more advanced concepts of packers, loaders etc. Check the reference section for additional papers and books.
Session 2 – Introduction to Windows Inte
This presentation will cover some must have things about windows internals. This session is very important so carefully read all the slides and reference links.