Eylül 18, 2024 – Annanowa

18Eyl

Binary Ninja Plugin: fix-stomped-imports

Recently, in response to a customer incident we needed to reverse engineer a malware sample of WhiteRabbit ransomware that proved to be tricker than expected. As we’ll see, this sample maps a PE into memory with a stomped header, making it…

Çağlar Arlı - 0 Views

18Eyl

Imperius – Make An Linux Kernel Rootkit Visible Again

A make an LKM rootkit visible again. This tool is part of research on LKM rootkits that will be launched. It involves getting the memory address of a rootkit’s “show_module” function, for example, and using that to call it, adding it back to lsmod,…

P	S	Ç	P	C	C	P
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30

Annanowa

Daily Archives: Eylül 18, 2024

Binary Ninja Plugin: fix-stomped-imports

Imperius – Make An Linux Kernel Rootkit Visible Again

Son Yazılar

Son Yorumlar