jnraber's blog

Stealthy Profiling and Debugging of Malware

Here is a Windows driver I developed that I presented at Black Hat this year. Enjoy.

Hades is a tool for dynamic application analysis on Microsoft Windows-based systems. It has function hooking capabilities similar to those of Microsoft Detours and WinAPIOverride (WAO), and it can also function as a debugger. It was developed to allow analysis of malware binaries that were able to detect Detours and WAO.

