Articles

The development of pestudio is also based on the know-how acquired while preparing many presentations. This section references some of the articles that I have written for different presentations and lectures.

• Windows Malware Analysis Fundamentals - Files|Tools
• Windows Task Scheduler Monitor
• Windows Alternate Data Streams (ADS) - How to hide data and code
• Windows Dynamic-Link Libraries
• Windows Security Components
• Windows Security Environment
• Windows Services
• Windows User Account Control (UAC)
• Windows User Mode Components
• Introduction to Cryptography - How obfuscation works
• Windows Encrypting File System (EFS)
• Monitor performance counters and trigger alerts
• Windows Debug Interface Access (DIA) API
• Inspect the Content of a Program Database (PDB) File
• Query the New Windows Audit Policies Programmatically
• Retrieve the Assembly Identities from a Manifest using C++
• Performance Counters Enumerator