On the road of hiding… PEB, PE format handling and DLL loading homemade APIs – part 1

For some strange reason, I decided to start my road into the malware/reversing world by rewriting the four holy APIs used to import functions from DLLs, i.e. GetModuleHandle, GetProcAddress, the mighty LoadLibrary and finally FreeLibrary. If any of you don’t know/remember what they are and how useful they are, here’s a quick lesson/refresh: LoadLibrary: loads a new […]
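The part of that rewrite people usually want to see first is the "homemade GetProcAddress": instead of asking the loader, you walk the PE headers yourself, find the export directory through the data directory, and match the name table against the name you want. The block below is an added example written for this page, not the author's own code. It parses the headers by byte offset as the PE/COFF spec lays them out (e_lfanew at 0x3C, the optional header magic deciding whether the data directory starts 96 or 112 bytes into the optional header, a 40-byte IMAGE_EXPORT_DIRECTORY), so it builds without windows.h. The image it resolves against is a constructed in-memory PE32+ stub with two fake exports, "Alpha" and "Beta", laid out by build_fake_image; those names, their RVAs and the helper names are assumptions made for the example, and the image is treated as already mapped the way the loader maps it (RVA equals offset from base).

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Little-endian readers/writers so the walk does not depend on host endianness. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (uint16_t)p[1] << 8); }
static uint32_t rd32(const uint8_t *p) {
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }
static void wr32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}

/* Homemade GetProcAddress: resolve an export by name from a mapped PE image.
   Every table offset is bounds-checked against `size` before it is read, which is
   the part Windows' own GetProcAddress does for you and a hand-rolled walk often
   forgets. Returns the export's RVA, or 0 if not found, forwarded, or malformed. */
uint32_t my_get_proc_rva(const uint8_t *base, size_t size, const char *name) {
    if (size < 0x40 || rd16(base) != 0x5A4D) return 0;                /* 'MZ' */
    size_t nt = rd32(base + 0x3C);                                    /* e_lfanew */
    if (nt + 26 > size || rd32(base + nt) != 0x00004550) return 0;    /* 'PE\0\0' */
    uint16_t magic = rd16(base + nt + 24);                            /* OptionalHeader.Magic */
    size_t dd_off = (magic == 0x20B) ? 112 : (magic == 0x10B) ? 96 : 0; /* PE32+ vs PE32 */
    if (!dd_off || nt + 24 + dd_off + 8 > size) return 0;
    if (rd32(base + nt + 24 + dd_off - 4) < 1) return 0;              /* NumberOfRvaAndSizes */
    size_t exp_rva  = rd32(base + nt + 24 + dd_off);                  /* DataDirectory[0] */
    size_t exp_size = rd32(base + nt + 24 + dd_off + 4);
    if (!exp_rva || exp_rva + 40 > size) return 0;
    const uint8_t *exp = base + exp_rva;                              /* IMAGE_EXPORT_DIRECTORY */
    size_t n_funcs = rd32(exp + 20), n_names = rd32(exp + 24);
    size_t funcs = rd32(exp + 28), names = rd32(exp + 32), ords = rd32(exp + 36);
    if (funcs + 4 * n_funcs > size || names + 4 * n_names > size || ords + 2 * n_names > size)
        return 0;
    for (size_t i = 0; i < n_names; i++) {
        size_t name_rva = rd32(base + names + 4 * i);
        if (name_rva >= size) return 0;
        /* bounded compare: never run past the end of the image even without a NUL */
        if (strncmp((const char *)base + name_rva, name, size - name_rva) != 0) continue;
        uint16_t ord = rd16(base + ords + 2 * i);                     /* unbiased ordinal */
        if (ord >= n_funcs) return 0;
        uint32_t fn = rd32(base + funcs + 4 * ord);
        /* A forwarder ("OTHER.dll.Func") points back inside the export directory;
           a real implementation would recurse into the other module, we just decline. */
        if (fn >= exp_rva && fn < exp_rva + exp_size) return 0;
        return fn;
    }
    return 0;
}

/* Constructed PE32+ stub with two named exports. Test scaffolding, not a real DLL. */
#define IMG_SIZE 0x400
void build_fake_image(uint8_t *img) {
    memset(img, 0, IMG_SIZE);
    wr16(img, 0x5A4D);                     /* MZ */
    wr32(img + 0x3C, 0x80);                /* e_lfanew -> NT headers at 0x80 */
    wr32(img + 0x80, 0x00004550);          /* PE\0\0 */
    wr16(img + 0x84, 0x8664);              /* FileHeader.Machine: x64 */
    wr16(img + 0x94, 240);                 /* SizeOfOptionalHeader (PE32+) */
    wr16(img + 0x98, 0x20B);               /* OptionalHeader.Magic: PE32+ */
    wr32(img + 0x98 + 108, 16);            /* NumberOfRvaAndSizes */
    wr32(img + 0x98 + 112, 0x200);         /* export directory RVA */
    wr32(img + 0x98 + 116, 0x100);         /* export directory size */
    uint8_t *exp = img + 0x200;
    wr32(exp + 20, 2);                     /* NumberOfFunctions */
    wr32(exp + 24, 2);                     /* NumberOfNames */
    wr32(exp + 28, 0x240);                 /* AddressOfFunctions */
    wr32(exp + 32, 0x250);                 /* AddressOfNames */
    wr32(exp + 36, 0x260);                 /* AddressOfNameOrdinals */
    wr32(img + 0x240, 0x1000);             /* fake RVA of export 0 */
    wr32(img + 0x244, 0x1040);             /* fake RVA of export 1 */
    wr32(img + 0x250, 0x270); wr32(img + 0x254, 0x280); /* name RVAs (sorted) */
    wr16(img + 0x260, 0);     wr16(img + 0x262, 1);     /* name -> ordinal */
    strcpy((char *)img + 0x270, "Alpha");
    strcpy((char *)img + 0x280, "Beta");
}

/* Convenience wrapper: resolve `name` against the constructed image. */
uint32_t lookup_in_fake(const char *name) {
    static uint8_t img[IMG_SIZE];
    build_fake_image(img);
    return my_get_proc_rva(img, IMG_SIZE, name);
}

int main(void) {
    const char *want[] = { "Alpha", "Beta", "Gamma" };
    for (int i = 0; i < 3; i++)
        printf("%-6s -> RVA 0x%x\n", want[i], lookup_in_fake(want[i]));
    return 0;
}
```

On a real module you would get `base` from a PEB walk (or GetModuleHandle) and add the returned RVA to it to obtain the function pointer; the bounds checks against `size` are what keep a hostile or truncated image from turning your resolver into an out-of-bounds read.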

Interest revival… Hello again!

This blog was born from an evening of rage and tears. I’ve realized that for so long I’ve wasted my time on the PC, forgetting to gain serious knowledge in what I was really interested in. I can remember when I was a child, trying to understand how Back Orifice 2000 really worked, […]