Blogs about: My Software
Featured Blog
Quickpost: SelectMyParent or Playing With the Windows Process Tree
I read something very interesting in “Windows via C/C++” today: starting with Windows Vista, CreateProcess can start a program where you specify the parent process! This is something foren… more →
Didier Stevens
Quickpost: SelectMyParent or Playing With the Windows Process Tree
— 4 comments
Didier Stevens wrote 5 days ago: I read something very interesting in “Windows via C/C++” today: starting with Windows Vi … more →
Update: bpmtk with hook-createprocess.dll
— 1 comment
Didier Stevens wrote 1 week ago: There are no real changes in this new version of bpmtk, only a new DLL (hook-createprocess.dll) was … more →
Quickpost: "Hiding" a PDF Document
— 1 comment
Didier Stevens wrote 2 weeks ago: Here’s some Python code (it uses my mPDF module) to append a new PDF document to an existing P … more →
A Windows 7 Launch Party Trick!
— 3 comments
Didier Stevens wrote 1 month ago: In search of a new trick for that Windows 7 Launch Party you’re invited to? Here’s one: … more →
Update: WhoAmI? Version 0.1.3
Didier Stevens wrote 1 month ago: I’ve updated my WhoAmI? Firefox add-on for Firefox version 3.5. You can download it here or get it f … more →
Update: PDFiD Version 0.0.9 to Detect Another Adobe 0Day
Didier Stevens wrote 1 month ago: PDFiD is updated to detect the latest Adobe 0day, CVE-2009-3459. I’ll provide more details in … more →
Preventing Applications From Starting (Malicious) Applications
— 5 comments
Didier Stevens wrote 1 month ago: Another very effective way to prevent malicious documents from infecting PCs, is to prevent vulnerab … more →
Quickpost: SAFER and Malicious Documents
— 3 comments
Didier Stevens wrote 2 months ago: I wasn’t going to mention SAFER to restrict the rights of an application, because Software Restricti … more →
Preventing Malicious Documents from Compromising Windows Machines
— 11 comments
Didier Stevens wrote 2 months ago: Almost all shellcode I see in malicious documents (PDF, Word, Powerpoint, …) found “in the wild” doe … more →
Update: Time Lapse Photography with a Nokia Mobile
Didier Stevens wrote 3 months ago: I’ve debugged the issues some people had with my Nokia time lapse Python script, you can find … more →
Update: UserAssist Tool Version 2.4.3
— 6 comments
Didier Stevens wrote 3 months ago: I had an interesting discussion with Hans Heins concerning the timestamp displayed by my UserAssist … more →
Update: PDFiD Version 0.0.8
— 3 comments
Didier Stevens wrote 3 months ago: PDFiD is updated. Changes: It detects Flash in PDF (/RichMedia) Actions launched by Forms (/AcroForm … more →
LeMMA 0.8 alpha release
GS wrote 4 months ago: LeMMA 0.8 is now available as an alpha version. A more ‘contemporary’ look-and-feel has … more →
The Ultimate Disaster Recovery Plan
— 3 comments
Didier Stevens wrote 4 months ago: The ultimate disaster recovery plan is not a corporate plan. This plan is for your family, to help t … more →
Quickpost: More Picture-Taking with Python
— 1 comment
Didier Stevens wrote 4 months ago: Per @TimelessP’s request, here’s so more Python code that can be used for time-lapse pho … more →
Embedding and Hiding Files in PDF Documents
— 17 comments
Didier Stevens wrote 4 months ago: My corrupted PDF quip inspired me to program another steganography trick: embed a file in a PDF docu … more →
bpmtk: Injecting VBScript
— 5 comments
Didier Stevens wrote 5 months ago: Here’s a new trick: injecting VBScript in a process. I’ve developed a DLL that will crea … more →
Update: Disitool V0.3
— 2 comments
Didier Stevens wrote 5 months ago: Last January, I got a little challenge from @hdmoore via my Twitter account: add data to a signed ex … more →
Quickpost: Sending WiFi Beacon Frames with an AirPcap Adapter
— 2 comments
Didier Stevens wrote 5 months ago: While preparing for my OSWP exam, I came across an unpublished Python program for the AirPcap adapte … more →
