- March 14, 2021: Reverse engineering Mortal Kombat GRA file format (part 2)
- August 24, 2018: Reverse engineering Mortal Kombat GRA file format (part 1)
- March 15, 2017: PCAUSA Rawether for Windows local privilege escalation
- November 27, 2016: GoGoGadget - kernel exploitation helper class
- November 10, 2016: Leaking EPROCESS address of the specific SYSTEM processes
- September 26, 2016: MSI ntiolib.sys/winio.sys local privilege escalation
- August 26, 2016: IceCTF 2016 Slickserver/Slickerserver pwn writeup
- March 1, 2016: SSCTF 2016 Quals Re5 writeup
- December 11, 2015: wow64ext v1.0.0.8
- November 29, 2015: Terminus Project launch.
- June 24, 2015: wow64ext v1.0.0.7
- June 14, 2015: Java VM Operand Stack Viewer
- June 5, 2015: WoW64 internals: Unexpected behaviour of NtQueryDirectoryObject
- May 23, 2015: Reverse engineering Might and Magic III compression
- May 7, 2015: Resolving VMware Workstation 10.0.6 crash
- December 21, 2014: dirtyJOE v1.7 (c529)
- July 4, 2014: wow64ext v1.0.0.6
- June 24, 2014: wow64ext v1.0.0.5
- February 16, 2014: Solving warsaw's Java Crackme 3
- November 29, 2013: Java bytecode debugging
- November 29, 2013: dirtyJOE v1.6 (c472)
- November 4, 2013: wow64ext v1.0.0.4 - bugfix release
- October 19, 2013: wow64ext finally compatible with Windows 8
- October 2, 2013: Solving RedBeanSoup's 1st Crackme (IronPython)
- June 28, 2013: WoW64 internals: Tale of GetSystemFileCacheSize
- March 2, 2013: Evolution of Process Environment Block (PEB)
- February 12, 2013: Solving |sas0|'s "The Game" crackme (.NET)
- January 31, 2013: Debugging ring 3 part of PE/PE+ loader
- October 15, 2012: wow64ext library update 2
- July 24, 2012: Solving gim913's KeygenMe#01
- July 18, 2012: __sse2_available
- May 8, 2012: wow64ext library update
- January 12, 2012: Reading memory of x64 process from x86 process
- January 7, 2012: PEB32 and PEB64 in one definition
- November 4, 2011: Random thoughts about embedding python into your application
- October 5, 2011: Windows SuperFetch file format - partial specification
- September 21, 2011: dirtyJOE v1.5 (c359) and some statistics
- August 31, 2011: rep movsb isn't memcpy()
- July 6, 2011: dirtyJOE v1.4 (c334)
- July 4, 2011: MD5 implementation for GNU Assembler
- July 4, 2011: Mixing x86 with x64 code
- June 8, 2011: UPX "accidentally" increments LoadCount for DLLs
- June 7, 2011: Using Python scripts in dirtyJOE
- June 7, 2011: dirtyJOE v1.4
- September 18, 2010: dirtyJOE - Java Overall Editor
- March 4, 2010: When memory management goes bad...
- April 15, 2009: Hacker Challenge 2008
- January 30, 2009: Old dbghelp and an old exploit...
- October 31, 2008: Hacker Challenge 2007
- August 9, 2007: x86 Virtualizer - source code
- June 17, 2007: DLLPackager v1.0 - source code
- May 25, 2007: x86 Virtualizer - Preview
- May 20, 2007: DLLPackager v1.0