Monthly Archives: April 2014

Process Directory Table Base and CR3 with Stop 0x101

This is a very simple error, and can be useful in providing a hint at which point the crash may have occurred. This has been explained by Scott Noone on this blog, but I wanted to write my own blog … Continue reading

Posted in Debugging, Stop 0x101, WinDbg | 1 Comment

Introduction to Detecting Anti-Debugging Techniques

Malicious software is able to detect if it’s running within a debugging environment or a debugger has been attached to the process, and thus will not generate any of its malicious behaviors in order to avoid detection from the security analyst … Continue reading

Posted in Debugging, System Security, WinDbg, Windows Internals | 1 Comment

Debugging LPCs with WinDbg

LPCs or Local Inter-Process Communication calls are used to communicate between two User-Mode NT components, or between a User-Mode component and a Kernel-Mode Component. I believe there may be some bugchecks related to LPCs or at least problems you may … Continue reading

Posted in Debugging, WinDbg, Windows Internals | 1 Comment

Understanding Memory Probes – A Quick Introduction

You may notice that with Stop 0x50, there is mention of something called the memory probe. The memory probe is a type of function which is used to check that a buffer (chunk of virtual memory) resides within user-mode and … Continue reading

Posted in Debugging, Windows Internals | Leave a comment

Debugging Stop 0x50 – A Few Little Clues

This is the first time I’ve debugged in a while, and the example is from a dump file which my friend on Sysnative, Patrick, has been debugging, but I wanted to write another debugging post which explained a few additional … Continue reading

Posted in Debugging | Leave a comment

Automata Theory – Finite State Automata and Regular Languages

Automata are abstract models of automatic machines which tend to have a very limited number of states they can be in. We use automata without even knowing it; the most common example I can think of is the use of … Continue reading

Posted in Theoretical Computer Science | Leave a comment