In this article I will dissect what CPU Cache and TLB are. It can help understand how Meltdown and Specter work.
I’ve had a lot of time to dive into certain pecularities of how programs are outlined both in RAM and on disk when working as a malware analyst.
Intro At the very beginning of my career I found it hard to grasp the notion of memory layout and stack.
During forensics investigation it’s sometimes needed to reverse engineer some suspicious piece of code. This section is a reverse engineering dive-in section.
In this article I am trying to reasearch compilation and linking process. Terms .cpp - is a human-readable file written in any programming language.
VarInt Is used to safe memory. For example, number 5 only occupies 1 byte, but 1032 will need two bytes to live.
⚠️ Note that x64 does not use this mechanism for exception handling. Consider the following code:
Character Special Files One of the examples of a special files are: /dev/stdin /dev/stdout /dev/random (PRNG which may delay returning a value to acquire additional entropy.
References  Manual unpacking (rus 🇷🇺)  Unpacking FSG 2.0 (rus 🇷🇺)  Introduction to unpacking (rus 🇷🇺)
Intro One’s complement Two complement
In this article I am describing the difference between a process, thread and mutex. Process When and exe file or other executable file is run, some memory in RAM is allocated and the program’s code and data is read from the hard drive and written into RAM.
During forensic analysis it’s not too rare to run into some suspicious application. In this article I’m going to learn to reverse engineer iOS applications.
Lorem markdownum aequalis strigis. Saetigeri iubeas, vultu huic alvum nondum de obside ut laniavit arbor palmis, cum quin.
>>> import ctypes >>> a = 5 >>> address = id(a) >>> address 4307917216 >>> ctypes.
Methodology Look at the strings fs strings and f in radare2 or rabin -zz Find xrefs for the strings of interest axt @ str.
Any cracking career is supposed to start with solving simple crackme’s. I’ve not been doing it all the time, but I’ve solved several of them from the simplest to a very hard one which required some math knowledge 😬. This allowed me to craft some sort of algorithm I would like to share."
To read https://www.airs.com/blog/archives/38