Analyzing TLS Callbacks

Ever lost control of a program before the debugger could pause? TLS Callbacks may be old news, but they remain a viable tool still utilized by malware for anti-debugging and other trickery.
Read more »

Fast and Free Malware Analysis Lab Setup

How do you get started in Malware Analysis? First, you need an analysis environment in-place to investigate files. Here is the fastest way to automatically setup a Virtual Lab Environment complete with a FREE VM directly from Microsoft and FREE analysis tools.
Read more »

Generically Unpacking Ransomware With Memory Breakpoints

Today we look at how to generically unpack ransomware utilizing memory and hardware breakpoints on specific WinAPI functions as well as key memory locations.
Read more »

Miysx Jktlk Ixnxn Xt

.. -/.. .../- ---/-... ./.-.. . .- .-. -. . -.. -....- -....- - .... .. .../-.-. .-.. . .- ...- .. -. --./.- -. -../- .... .. .../-... ..- .-. -. .. -. --. --..--/-... ..- -/--- -. .-.. -.--/-... -.--/- .... ./--- -. ./.-- .... ---/... .--. . -. -.. .../--- ..- -/.... .. -- ... . .-.. ..-./.- --. .- .. -. .-.-.-
Read more »

Analysis CVE-2017-11882 Microsoft Equation Editor Exploit



Today's video covers how to analyze CVE 2017-11882 Microsoft Office Equation Editor Buffer  Overflow. We also touch on three distinct methods to debug problematic programs using assembly-fu, registry hacks, and gflag magic.

Read more »

The Wonderful World of MIPS


The ever growing Internet of Things (IOT) brings with it a new wave of malware geared toward unfamiliar architectures. Today we take a look at how to compile, analyze, and debug MIPS based binaries.
Read more »