Author Archives: Daniel Pistelli

PDF Insider Demo

A small, on-the-fly video presentation of my new utility. The emphasis of this application is on correctly parsing the PDF format; if it can’t because the PDF is malformed (very common among malicious PDFs), then it provides the … Continue reading

Posted in News, Reversing | 9 Comments

CFF & Rebel.NET Update

Fixed some bugs in both applications. In particular, made some parts of the CFF Explorer more robust. The current CFF Explorer still contains the core I wrote when I was 19yo. The newer kernel, which I don’t know if I’ll … Continue reading

Posted in Update | Leave a comment

My first month at Hex-Rays

At the beginning of September I started looking for a job. I actually wanted a job where I could work remotely. Despite the fact that I got several offers, all of them required relocation. So in the end I saw the … Continue reading

Posted in Uncategorized | 9 Comments

Busy & Qt 4.6

I apologize if lately I couldn’t answer emails without many days of delay, but I’m incredibly busy in my real life. There is some important news I can’t yet talk about but will soon. Also, yesterday … Continue reading

Posted in Uncategorized | 2 Comments

CFF Explorer update: scripting arguments

Arguments can now be passed through the command line just by making them follow the name of the script. E.g.:

"CFF Explorer.exe" "C:\mydir\script.cff" arg1 arg2 "arg 3"

To access the arguments from the scripting part you can use the global variables … Continue reading

Posted in Update | Leave a comment

Filter Monitor 1.1.0: filter restore

Uploaded the new version of this little utility. Fixed some bugs (nothing serious). Now it has the capability to restore some types of filters that the user unregisters. Basically, it can restore Create Process, Thread and Load Image callbacks.

Posted in Update | 2 Comments

Explorer Suite update

CFF Explorer: Improved support for tiny PEs. Fixed a bug in the Exception Directory which was due to the grid set up. Task Explorer: Fixed a minor bug on x64. Added the Driver List tool.

Posted in Update | 7 Comments

Filter Monitor 1.0.1

This week, after months of development of bigger projects, I found some time to windbg “ntoskrnl.exe” and write a utility. It is called Filter Monitor and shows some key filters installed by kernel mode components. “As you probably all know … Continue reading

Posted in Internals, News, Reversing | 2 Comments

CFF Explorer bug-fix

Fixed a bug reported by icy. It was causing crashes in executables without sections when calculating their PE size.

Posted in Update | 6 Comments

Qt’s GUI Thread

If you’re a Qt developer, you surely are aware of the fact that you can only display GUI elements and access them from the main thread. This limitation as far as I know is mostly bound to the limitations of … Continue reading

Posted in Programming | 1 Comment