Ayoub Faouzi

Ayoub Faouzi is interested in computer viruses and reverse engineering. On the one hand, he likes to study PE packers and protectors and write security tools. On the other hand, he enjoys coding in Python and assembly.

X86 Assembly Language, Part 3.2 [Updated 2019]

- Ge! Stop! What's Segmentation? Memory segmentation The 80186 is a faster version of the 8086. It also has a 20-bit address bus and 16-bit data bus,

Beta Bot Analysis: Part 2

Extracting the Botnet Configuration: The bot configuration is encrypted inside the bot and decrypted while the bot is running. In 1.0.2.5, 1.5 and 1.6 versi

Andromeda Bot Analysis part 2

Bot Analysis: Now, you get the original Andromeda build file. Load the unpacked sample in OllyDbg. As before, after the stack frame at the EP, you see that t

Andromeda Bot Analysis part 1

Introduction: Andromeda, also known as Win32/Gamarue, is an HTTP based botnet. It was first spotted in late 2011, and is still at this moment used a lot in h

Asprox / Kuluoz Botnet Analysis

Introduction Kuluoz, aka Asprox, is a spam botnet that emerged in 2007. It has been known for sending mass of phishing emails used in conjunction with social

X86 Assembly Language, Part 3.1

For part 2 of this series, please click here. Programming in a high-level language does not require a detailed knowledge of the system hardware. Assembly la

X86 Assembly Language, Part 2

Hi Guys, Hi Megabyte, let's get the ball rolling. In this chapter, I provide a brief introduction to Assembly language programming tools. This chapter is

x86 Assembly Language, Part 1

As usual, last Friday night I was hanging out with friends, picking up girls in the street and chasing after them. One night, I had a strange feeling just li

Getting Your Hands Dirty in x86 Assembly Code

For those of you who have been following my eventful career, you already know that this is actually my second published tutorial. Just to bring you up to dat