Arabic
Hiding Loaded Drivers with DKOM (AR)
إستخدام GetEnvironmentVariable كبديل ل WriteProcessMemory في حقن عمليات الحوسبة
Another Detailed Guide to PE Infection (AR)
Detailed Guide to PE Infection (AR)
CMD Hijack - a command/argument confusion with path traversal in cmd.exe (AR)

French
Abuser la Gestion de L’Alimentation de Windows
Cacher des Drivers Charges avec DKOM

Greek
Αποκρύπτοντας φορτωμένους οδηγούς πυρήνα με τη χρήση DKOM
Another detailed guide to PE infection (GR)

Portuguese
Ofuscando driver carregado com DKOM

Russian
Использование виртуализации Windows во вредоносных целях
Использование телеметрии Windows, для закрепления в системе
Трюк с фейковым EP
Добавление новой секции с кодом в PE файл
Сокрытие загружаемого драйвера, используя технику DKOM
Запуск PE файла в памяти
Сокрытие процесса, используя технику DKOM, без хардкодинга смещений
История компьютерных вирусов
Полиморфный движок Mocoh
Детальный гайд по заражению PE
Еще один детальный гайд по заражению PE

Spanish
Ocultando Driver Cargado Con DKOM
Ocultar Procesos Con DKOM Sin Offset Hardcodeado
Codigo En Secciones PE
Falso EP