Wednesday, September 30, 2009

Saturday, September 19, 2009

Third book of Rootkits

If you are one of the guys who is interested in rootkits (dark guys ;) ) like me (I am insane about rootkits), then you love them and know everything about them. Remember the old days when the book Rootkits: Subverting the Windows Kernel by Greg Hoglund and James Butler was published; the second book on rootkits was Professional Rootkits from Wrox Press (great publisher), and now the third publication on the rootkit subject is The Rootkit Arsenal. I haven't seen it or read it yet, but tonight I saw this great book that the OpenRCE guys announced, and I am getting ready to download it. Here are the properties; check it out and leave your feedback here.




And here is the table of contents:

Part 1 Foundations
Chapter 1 Setting the Stage
Chapter 2 Into the Catacombs: IA-32
Chapter 3 Windows System Architecture
Chapter 4 Rootkit Basics
Part 2 System Modification
Chapter 5 Hooking Call Tables
Chapter 6 Patching System Routines
Chapter 7 Altering Kernel Objects
Chapter 8 Deploying Filter Drivers
Part 3 Anti-Forensics
Chapter 9 Defeating Live Response
Chapter 10 Defeating File System Analysis
Chapter 11 Defeating Network Analysis
Chapter 12 Countermeasure Summary
Part 4 End Material
Chapter 13 The Tao of Rootkits
Chapter 14 Closing Thoughts


Another piece of good news is that you can download this great book as an ebook ;)
Here's the download link.

Saturday, September 12, 2009

Reverse me #1

Hey there, here I've written a simple / simple / simple program, and you must reverse it. It shows a simple message box that says: "Win32 Assembly is great !".
It has just one button, "OK". You must reverse this program and patch it so that it shows another button, "Cancel". After the patching process you must upload the patched file here, and the file must have two buttons: first "OK" and the other "Cancel".
Here's the link:
http://rapidshare.com/files/279257573/ReverseMe_1.exe.html
This is a simple reverse-me for newbies, not pros! So leave it to the newbies!
Thanks.
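For newbies who want to see what a message-box program of this kind typically looks like before opening the challenge in a debugger, here is a MASM32 version, added here as an illustration; it is not the challenge binary and is not the author's code. It assumes a standard MASM32 installation under \masm32\ and a single MessageBox call, which is an assumption about how such a program is usually built, not a statement about ReverseMe_1.exe:

```asm
; Added example (not the challenge binary): a one-button message box in MASM32.
; Build (assumed standard MASM32 layout):
;   ml /c /coff msgbox.asm
;   link /subsystem:windows msgbox.obj
.386
.model flat, stdcall
option casemap:none

include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
include \masm32\include\user32.inc
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\user32.lib

.data
    szCaption db "ReverseMe", 0
    szText    db "Win32 Assembly is great !", 0

.code
start:
    ; MessageBox(hWnd, lpText, lpCaption, uType)
    ; uType = MB_OK (0) gives a single "OK" button.
    ; uType = MB_OKCANCEL (1) gives "OK" and "Cancel".
    ; invoke pushes the arguments right to left, so uType is pushed first:
    ; "push 0" assembles to the bytes 6A 00, "push 1" to 6A 01.
    invoke MessageBox, NULL, addr szText, addr szCaption, MB_OK
    invoke ExitProcess, 0
end start
```

The only difference between a one-button and a two-button box is the uType argument of MessageBox: MB_OK is 0 and MB_OKCANCEL is 1, so in a program built like the one above the patch is a single byte, the immediate of the `push 0` that feeds uType, changed to 1. Before patching the real challenge, confirm in a disassembler which push actually supplies uType (the argument is pushed first, so it is the push furthest from the call), and make sure the patched file still runs; a program built with a different compiler or calling convention may place that constant elsewhere.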