Articles

Material from different presentations, lectures and projects.

• Malware Analysis Fundamentals > Files and Tools
• Windows Process-Hollowing
• Windows Task Scheduler
• Windows Alternate Data Streams (ADS) - How to hide data and code
• Windows Dynamic-Link Libraries
• Windows Security Components
• Windows Security Environment
• Windows User Mode Components
• Introduction to Cryptography - How obfuscation works
• Windows Encrypting File System (EFS)
• Monitor performance counters and trigger alerts
• Windows Debug Interface Access (DIA) API
• Inspect the Content of a Program Database (PDB) File
• Retrieve the Assembly Identities from a Manifest using C++