An introduction to Use-After-Free exploitation and a walkthrough of one of my old challenges.
Challenge Info: https://www.malwaretech.com/challenges/windows-exploitation/user-after-free-1-0
Download Link: https://malwaretech.com/downloads/challenges/UserAfterFree2.0.rar
Password: MalwareTech
Category: For Beginners

We’ll be writing a hooking engine using trampoline based hooks as explained in the previous article (we don’t handle relative instructions as they’re very rare,

A lot of my articles have been aimed at giving a high-level insight into malware for beginners, or those unfamiliar with specific concepts. Today I’ve

Distributed Denial Of Service, or DDoS, is an attack in which multiple devices send data to a target device (usually a server), with the hope

A Virtual File System (VFS), sometimes referred to as a Hidden File System, is a storage technique most commonly used by kernel mode malware, usually

As we all know there are ways that your real IP can be leaked when using Tor (JavaScript, Flash, malware and software errors). In this

A lot of people (including myself, until recently) think that effective sandboxing requires a filter driver or kernel hooking, but this is no longer the

With all the hype about the ZeroAccess take-down, I decided it might be a nice idea to explain how peer-to-peer botnets work and

Introduction: For a long time malware has targeted web data such as site logins. A malicious application could intercept socket functions within a web browser

Process Injection: Process injection is an age old technique used by malware for 3 main reasons: running without a process, placing user-mode hooks for a