
About the Author:

Dejan Lukan is a security researcher for InfoSec Institute and penetration tester from Slovenia. He is very interested in finding new bugs in real-world software products with source code analysis, fuzzing and reverse engineering. He also has a great passion for developing his own simple scripts for security-related problems and learning about new hacking techniques. He knows a great deal about programming languages, as he can write in a couple of dozen of them. His passion is also antivirus bypassing techniques, malware research and operating systems, mainly Linux, Windows and BSD. He also has his own blog available here: http://www.proteansec.com/.

Qemu Windows Guest: Introduction

In this article we’ll present how we can use Qemu instead of VirtualBox/VMware. Those products are all great, but sometimes we would just like to use something a little […]


Gentoo Hardening: Part 4: PaX, RBAC and ClamAV

Grsecurity and Xorg

If we enable the “Disable privileged I/O” feature in the hardened kernel and reboot, we can’t start X server. That’s because Xorg uses privileged I/O operations. We […]


Gentoo Hardening: Part 3: Using Checksec

Checksec

The checksec.sh file is a Bash script used to verify which PaX security features are enabled. The latest version can be downloaded with the wget command:

Let’s take a look […]


Gentoo Hardening: Part 2: Introduction to PaX and Grsecurity

Configuring PaX with Grsecurity

We’ve already briefly discussed PaX, but now it’s time to describe it in detail. PaX provides the following security enhancements:

Non-executable memory: Sections that do not contain […]


Gentoo Hardening Part 1: Introduction to Hardened Profile

Introduction

In this tutorial, we’ll talk about how to harden a Linux system to make it more secure. We’ll specifically use Gentoo Linux, but the concepts should be fairly similar […]


Pin: Dynamic Binary Instrumentation Framework

Introduction

Pin is a DBI framework for IA-32 and x86-64 architectures, which can be used for dynamic analysis of a binary program at run time. When using the Pin framework to […]


Linux Kernel Development Process

Introduction

When I was listening to the question and answer session at LinuxCon, there was some interesting discussion going on: some of the latest news information is Linus Torvalds’s joke […]


WSUS (Windows Server Update Services)

Introduction

Windows Server Update Services (WSUS) can be used to manage the deployment of the latest Microsoft Windows operating system updates. When using WSUS, we can fully manage the distribution […]


Windows Memory Protection Mechanisms

Introduction

When trying to protect memory from being maliciously used by hackers, we must first understand how everything fits in the whole picture. Let’s describe how a buffer overflow […]


Calling NTDLL Functions Directly

Introduction

If you’re reading this, then you’ve probably wanted to call some internal ntdll function that isn’t exported and easily callable, right? If not, then let me explain what I […]


LUKS and LVM

LVM + LUKS

LVM is software that uses physical devices as physical volumes (PVs) in storage pools called volume groups (VGs). Physical volumes can be a partition, whole SATA hard […]


Using SetWindowsHookEx for DLL Injection on Windows

Introduction

Note: all the code examples can be found on my GitHub profile under visual-studio-projects accessible here: https://github.com/proteansec.

In this tutorial, we’ll take a look at DLL injection by using […]


API Hooking and DLL Injection on Windows

Introduction

Note: all the code examples can be found on my GitHub profile under visual-studio-projects accessible here: https://github.com/proteansec.

In this tutorial, we’ll take a look at various methods that we can […]


Using CreateRemoteThread for DLL Injection on Windows

Introduction

Note: all the code examples can be found on my GitHub profile under visual-studio-projects accessible here: https://github.com/proteansec.

In this tutorial, we’ll talk about how to inject a custom DLL into […]


Visual Studio and Build Process

Introduction

Each DLL contains various exported functions that can be accessed by other programs. DLLs are used extensively because the DLL is loaded only once in the physical memory, […]


The ASP.NET Internals

ASP.NET Configuration Options

The most important configurations in the web.config file will be described in this section:

<authentication>

The authentication tag is used at the application level and is used to […]


The Sysenter Instruction Internals

Introduction

In the previous article we’ve seen that whether we’re using the int 0x2e interrupt or the sysenter instruction, the same method in the kernel is being used. We also identified that […]


Introduction to Kernel Debugging with Windbg

Introduction

You’ve probably heard about Windbg before, right? It’s a Windows debugger written by Microsoft that’s used by developers and hackers for debugging the OS. We won’t go into the […]


Presenting the PE Header

Let’s present the whole PE file structure with the picture below (taken from ):

At the beginning there’s a DOS header, which is an MS-DOS compatible executable that always consists […]

The Import Directory

The Import Directory: Part 2


You can take a look at the previous article before reading this one. If you already understand the basics of the IAT table, then you can skip the first article, but […]