Category Archives: Internals

MUI files under the hood

Posted on November 14, 2012 by Daniel Pistelli

Have you ever copied after Vista a system file like notepad.exe onto the desktop and tried to execute it? Have you ever tried after Vista to modify the resources of a system file like regedit.exe? It’s most likely that neither … Continue reading

Posted in Internals, Reversing | 1 Comment

Filter Monitor 1.0.1

Posted on October 17, 2009 by Daniel Pistelli

This week, after months of development of bigger projects, I found some time to windbg “ntoskrnl.exe” and write a utility. It is called Filter Monitor and shows some key filters installed by kernel mode components. “As you probably all know … Continue reading

Posted in Internals, News, Reversing | Tagged | Leave a comment

x64 SEH & Explorer Suite Update

Posted on January 19, 2009 by Daniel Pistelli

Yesterday I took a bit of time and updated the Explorer Suite. One important new feauture is the addition of the Exception Directory. I’m no longer working on the old CFF Explorer. However, I thought this feature was too important … Continue reading

Posted in Internals, Update | Tagged , | 7 Comments

Qt Internals & Reversing

Posted on November 28, 2008 by Daniel Pistelli

Today I took a break from the larger article I’m currently writing. To relax, I wrote a smaller article about the Qt framework. I hope you enjoy. Qt Internals & Reversing Half of the text of this article comes from … Continue reading

Posted in Internals, Reversing | Tagged , | 4 Comments

Microsoft’s Rich Signature (undocumented)

Posted on March 5, 2008 by Daniel Pistelli

In the last days I’ve been quite sick, so I decided that as long as I had to stay in bed I might at least use the time to do something useful (or quite so). What happened is that someone … Continue reading

Posted in Internals, Reversing | Tagged | 7 Comments