You are here: insinuator.net

gpfault.net
[AI summary] The provided text is a detailed explanation of how to write a simple 64-bit Windows application in assembly language that calls the ExitProcess function from the KERNEL32.DLL library. It covers the following key topics:
1. **Memory and Register Basics**: Explains how memory and registers work in 64-bit Windows, including the use of the stack pointer (RSP), registers like RCX, RDX, R8, and R9 for passing arguments, and the importance of stack alignment for performance.
2. **Calling Conventions**: Details the 64-bit Windows calling convention, including how the first four integer or pointer arguments are passed in registers (RCX, RDX, R8, R9), how additional arguments are passed on the stack, and the requirement for the stack to be aligned to ...

goggleheadedhacker.com
Learn how to reverse engineer golang malware using Radare2. This article will explain how the gopclntab works and how we can use it to extract function names. This process is explained using the Robbinhood Ransomware that attacked Baltimore.

yasoob.me
Hi everyone! If you have been following my blog then you might have already read the article on reverse engineering an Android app by writing custom smali code. I am still very much a reverse engineering beginner so after that article, I got to learn about Frida. I was told that Frida is much faster and a lot easier for scenarios where I want to snoop on functions. Well, I am glad to report that all the suggestions were absolutely correct.

github.com
Ghidra is a software reverse engineering (SRE) framework - NationalSecurityAgency/ghidra