Windows Bigpools
An overview of how the Windows Kernel handles large memory allocations using BigPools, including internal structures and debugging techniques.
Windows Objects: Structure, Headers, and Internal Mechanics
A deep dive into Windows objects, focusing on their structure, headers, and relationships. This blog covers key components like _OBJECT_HEADER, OBJECT_TYPE, and ObTypeIndexTable, providing insights into how Windows organizes and references objects.
Application Crash Dump Analysis
This post explores application dumps, a crucial tool for debugging and analyzing software errors, offering insights into memory analysis and troubleshooting techniques
Kernel Memory Dump Analysis : Introduction
An introduction to analyzing kernel memory dumps using WinDbg.
Windows Shellcode Development & Debugging with WinDbg: A Hands-On Guide (Part 2)
A comprehensive guide to understanding and creating Windows shellcode from scratch for exploit development. This article includes practical insights into using WinDbg for effective debugging and analysis.
Windows Shellcode Development & Debugging with WinDbg: A Hands-On Guide (Part 1)
A comprehensive guide to understanding and creating Windows shellcode from scratch for exploit development. This article includes practical insights into using WinDbg for effective debugging and analysis.
PE Parsing: A Step-by-Step Guide with WinDbg - Part 2
Hands on parsing PE files with WinDbg and explore their structures for debugging and reverse engineering.
PE Parsing: A Step-by-Step Guide with WinDbg - Part 1
Hands on parsing PE files with WinDbg and explore their structures for debugging and reverse engineering.
ReAL-File-System-bi0sCTF2024
Full detailed writeup for ReAL-File-System which is centered around ReFS Log Analysis.
tl;dr
- Disk Forensics
- Resilient File System
- Log Analysis
Network-KeyLogger
how to decode the keystrokes from the pcap