-
Recent Posts
Archives
- November 2025 (2)
- March 2025 (1)
- January 2025 (1)
- December 2024 (2)
- October 2024 (2)
- March 2023 (1)
- November 2022 (1)
- October 2022 (2)
- February 2022 (1)
- January 2022 (1)
- October 2021 (3)
- January 2021 (1)
- December 2020 (1)
- September 2019 (1)
- June 2019 (1)
- January 2019 (1)
- July 2018 (1)
- April 2018 (1)
- February 2018 (1)
- January 2018 (2)
- December 2017 (2)
- November 2017 (1)
- June 2017 (4)
- May 2017 (2)
- December 2016 (1)
- November 2016 (1)
- July 2016 (3)
- June 2016 (1)
- April 2016 (1)
- March 2016 (2)
- February 2016 (1)
- October 2014 (1)
- March 2014 (1)
- February 2014 (2)
- January 2014 (1)
- November 2013 (1)
- October 2013 (1)
- September 2013 (1)
- August 2013 (1)
- July 2013 (3)
- July 2012 (1)
- May 2012 (1)
- April 2012 (1)
Categories
- CONfidence (3)
- CrackMe (24)
- cryptography (1)
- CTF (8)
- FlareOn (6)
- KernelMode (4)
- Malware (16)
- Malware Decryptor (5)
- PE-bear (12)
- Programming (6)
- Techniques (5)
- Tools (10)
- Tutorial (17)
- Uncategorized (3)
- WKE (3)
Blog Stats
- 2,064,440 hits
All my works included here are licensed under:
Tag Archives: PE-sieve
Tutorial: unpacking executables with TinyTracer + PE-sieve
Covers: automatic OEP finding, reconstructing IAT, avoiding antidebugs and fixing imports broken by shims In this short blog I would like to demonstrate you how to unpack an executable with PE-sieve and Tiny Tracer. As an example, let’s use the … Continue reading
Posted in Malware, Tools, Tutorial
Tagged HollowsHunter, PE-bear, PE-sieve, TinyTracer
Leave a comment
Application shimming vs Import Table recovery
In this post I am sharing a case that I investigated recently, during the tests of my application, PE-sieve. It demonstrates how the shims applied by the operating system can disrupt Imports recovery. Continue reading
Posted in Programming, Uncategorized
Tagged Import, Import Table, Import Table rebuilding, Import Table recovery, PE, PE-sieve, shim
1 Comment
hasherezade's 1001 nights 