Category Archives: System Security

Superfish – There’s Nothing Super About It

Lenovo has recently been given some bad press about its bundled software (more commonly called bloatware) which is being shipped with Lenovo systems. The software which is causing a large concern is Superfish. An add-on which is supposedly designed to … Continue reading

Posted in Computer Science, System Security | Leave a comment

UPX Packing and Anti-Packing Techniques

Packing is a very common technique used by malware for obfuscation. The most popular and well-known packer is called UPX (Ultimate Packer for Executables). By packing malware binary files, the data stored within the file becomes unreadable, and thus will … Continue reading

Posted in Computer Science, Debugging, System Security | Leave a comment

DDoS Attacks – XML Bomb, Zip Bomb and E-Mail Bomb

One thing which I love about Computer Science is the silly colloquial names given to various attacks produced by hackers and “script kiddies”. The Security field is filled with these great names, and three of these names will be mentioned … Continue reading

Posted in Computer Science, System Security | 3 Comments

Windows Access Tokens – !token and _TOKEN

Windows needs to ensure that untrusted code and untrusted users aren’t accessing important areas of the operating system, and creating problems which would ultimately lead to a vast number of BSODs. Windows manages this through Access Tokens which are used … Continue reading

Posted in Debugging, System Security, WinDbg, Windows Internals | Leave a comment

Windows Integrity Levels – Process Explorer and WinDbg

From Windows Vista onwards, Microsoft has placed a substantially greater focus on the security of the operating system, which is one of the areas most users will neglect and then later come to complain about. In this article I’m going … Continue reading

Posted in Debugging, System Security, Windows Internals | 1 Comment

List of Reverse Engineering and Debugging Tools

I may have created a small list of tools before, however, I would like to expand this list and provide some better descriptions for each of the tools listed. These tools are either completely free or have a limited free … Continue reading

Posted in Debugging, System Security, WinDbg, Windows Internals | 5 Comments

Introduction to Detecting Anti-Debugging Techniques

Malicious software is able to detect if it’s running within a debugging environment or if a debugger has been attached to the process, and thus will not generate any of its malicious behaviors in order to avoid detection from the security analyst … Continue reading

Posted in Debugging, System Security, WinDbg, Windows Internals | 1 Comment