Tag: Windows

Module Extraction and DLL Hijacking Detection via Single or Multiple Memory Dumps

Recovering Data from the Memory of Telegram Desktop (and other IM Applications)

Disabling DEP in Windows 7 using rop3

Writing a Volatility 3 Plugin

How powerful are Return Oriented Programming attacks?

Reverse-Engineering the String Decryption Algorithm of Mekotio

Unrelocating Windows Modules (II)

Unrelocating Windows Modules (I)

Authenticode (II): Verifying Authenticode with OpenSSL

Authenticode (I): Understanding Windows Authenticode

© 2024 RME-DisCo Research Group

Theme by Anders NorénUp ↑