Outer Web | Explore

Explore >> Select a destination

You are here		idafchev.github.io Basics of Windows shellcode writing \| Ring 0x00
\|	\|	keyj.emphy.de KeyJ's Blog : Blog Archive » Writing ultra-small Windows executables	2.8 parsecs away Travel
\|	\|	[AI summary] The article discusses the process of creating ultra-small Windows executables by optimizing the PE (Portable Executable) format. KeyJ, the author, details various techniques such as removing sections, collapsing headers, and using hash-based import lookups to minimize the executable size. The article also includes comments from readers discussing the challenges and successes of these optimizations, as well as the importance of compatibility across different Windows versions. The final executable size is reduced to around 268 bytes, and the author acknowledges the trade-offs between size and compatibility.	2.8 parsecs away Travel
\|	\|	gpfault.net Let's Learn x86-64 Assembly! Part 0 - Setup and First Steps	3.0 parsecs away Travel
\|	\|	[AI summary] The provided text is a detailed explanation of how to write a simple 64-bit Windows application in assembly language that calls the ExitProcess function from the KERNEL32.DLL library. It covers the following key topics: 1. Memory and Register Basics: Explains how memory and registers work in 64-bit Windows, including the use of the stack pointer (RSP), registers like RCX, RDX, R8, and R9 for passing arguments, and the importance of stack alignment for performance. 2. Calling Conventions: Details the 64-bit Windows calling convention, including how the first four integer or pointer arguments are passed in registers (RCX, RDX, R8, R9), how additional arguments are passed on the stack, and the requirement for the stack to be aligned to ...	3.0 parsecs away Travel
\|	\|	blacklight.sh A Beginner's Guide to Malware and EDR Evasion \| Kyle's Blog	4.3 parsecs away Travel
\|	\|	A beginner's guide to bypassing EDR systems using APC queue injection and direct system calls.	4.3 parsecs away Travel
\|	\|	toddcullumresearch.com Portable Executable File Corruption Preventing Malware From Running - Todd Cullum Research	23.8 parsecs away Travel
\|		Important Disclaimer YOU MUST READ FIRST! Portions of this article contain source code from the Windows Research Kernel. This code is the intellectual property of Microsoft Corporation. I am using this code under special license in this post under these grounds of the license agreement: You may distribute snippets of this software in research... Read More	23.8 parsecs away Travel