Want to submit an article relating to security or OS internals? Click "Create an Article" on the left menu.
To add code, change the text format from Basic HTML to Full HTML. Then click the "Insert code snippet" icon (located at the top far right of the menu).
Administrators can add articles directly by clicking the top menu Content->Add content->Article.
Evil Mass Storage
Original forum posthere
Evil Mass Storage is a proof of concept USB composite device which demonstrates an end-to-end solution that infiltrates an isolated-offline-network and covertly extracts data over both radio frequency or close access covert storage while hiding from forensi... Read more
Windows - Blocking Process Creation
Windows Supplies drivers with multiple callbacks to get notified about events happening in the system. One of them, as well as the only one that allows blocking, is the process notify routine. It alert all the drivers that are registered to it about process creation and termination.
There are 3 p... Read more
Android - Overview: Debugging Native Applications
One question we often get asked is how to get started with native programming and debugging. This article is designed to help set you up for native programming on Android.
The Android NDK contains the tools required to compile C. Among other things, it also contains GDB, which i... Read more
Windows - Finding the System Root Path
This article describes how to retrieves the System Root path anddemonstrates the use ofZwOpenSymbolicLinkObject, ZwQuerySymbolicLinkObject, IoGetDeviceObjectPointer, and RtlVolumeDeviceToDosName.The path is found by opening then querying the symbolic link "\SystemRoot". The drive letter is then foun... Read more
Windows - Helloworld Driver
One question we often get asked is how to get started with kernel mode programming. This article is designed to help set you up for kernel mode programming on Windows. This requires that you are running Windows OS
Download the Windows Driver Kit 7.1 (WDK)here: https://www.microsoft... Read more