
palaniyappan's blog

MeMMon - A Light Weight Process Memory Scanner


Vejovis is a project that was started to develop a user-mode memory scanning tool, "MeMMoN - A Process Memory Scanning Tool". It scans the memory of all the processes in the system. It can be downloaded from the link below.

Download

Windows "DbgHelp.dll" Export name stack overflow vulnerability

Malware in the wild is exploiting this vulnerability. The vulnerability allows remote code to be executed when a debugger loads a specially crafted executable using Microsoft's Dbghelp.dll (ver 5.x).

When I was trying to load the malware that uses this trick, it made the Olly debugger exit. The link below has some interesting stuff about this vulnerability.

http://foolishpages.blogspot.com/2010/11/windows-dbghelpdll-export-name-stack.html

Gunpack - A Generic Unpacking tool

God's Unpacking tool for automated unpacking.
A generic unpacking tool that works well against almost all packers, except a few.

http://code.google.com/p/gunpack/

Induc foolish detection by anti viruses

Hello researchers,

Recently I came across a blog about the detection of Induc by AVs.

Really interesting work.

http://dragu1a.blogspot.com/2010/02/avs-detection-of-virusinduc.html
