Didier Stevens wrote 5 days ago: I read something very interesting in “Windows via C/C++” today: starting with Windows Vista, CreateProcess can start a program where you specify the parent process! This is something foren… more →
Didier Stevens wrote 1 week ago: There are no real changes in this new version of bpmtk, only a new DLL (hook-createprocess.dll) was … more →
Didier Stevens wrote 2 weeks ago: Here’s some Python code (it uses my mPDF module) to append a new PDF document to an existing P … more →
Didier Stevens wrote 1 month ago: In search of a new trick for that Windows 7 Launch Party you’re invited to? Here’s one: … more →
Didier Stevens wrote 1 month ago: I’ve updated my WhoAmI? Firefox add-on for Firefox version 3.5. You can download it here or get it f … more →
Didier Stevens wrote 1 month ago: PDFiD is updated to detect the latest Adobe 0day, CVE-2009-3459. I’ll provide more details in … more →
Didier Stevens wrote 1 month ago: Another very effective way to prevent malicious documents from infecting PCs is to prevent vulnerab … more →
Didier Stevens wrote 2 months ago: I wasn’t going to mention SAFER to restrict the rights of an application, because Software Restricti … more →
Didier Stevens wrote 2 months ago: Almost all shellcode I see in malicious documents (PDF, Word, PowerPoint, …) found “in the wild” doe … more →
Didier Stevens wrote 3 months ago: I’ve debugged the issues some people had with my Nokia time lapse Python script, you can find … more →
Didier Stevens wrote 3 months ago: I had an interesting discussion with Hans Heins concerning the timestamp displayed by my UserAssist … more →
Didier Stevens wrote 3 months ago: PDFiD is updated. Changes: It detects Flash in PDF (/RichMedia) Actions launched by Forms (/AcroForm … more →
GS wrote 4 months ago: LeMMA 0.8 is now available as an alpha version. A more ‘contemporary’ look-and-feel has … more →
Didier Stevens wrote 4 months ago: The ultimate disaster recovery plan is not a corporate plan. This plan is for your family, to help t … more →
Didier Stevens wrote 4 months ago: Per @TimelessP’s request, here’s some more Python code that can be used for time-lapse pho … more →
Didier Stevens wrote 4 months ago: My corrupted PDF quip inspired me to program another steganography trick: embed a file in a PDF docu … more →
Didier Stevens wrote 5 months ago: Here’s a new trick: injecting VBScript in a process. I’ve developed a DLL that will crea … more →
Didier Stevens wrote 5 months ago: Last January, I got a little challenge from @hdmoore via my Twitter account: add data to a signed ex … more →
Didier Stevens wrote 5 months ago: While preparing for my OSWP exam, I came across an unpublished Python program for the AirPcap adapte … more →