Author Archive
Prototype of the NtLoadKeyEx
by James on Apr.27, 2010, under ReverseIt, System Research
If you have looked at the WRK (Windows Research Kernel), you will find that the NtLoadKeyEx prototype is as follows:
NTSTATUS __stdcall NtLoadKeyEx(
    __in     POBJECT_ATTRIBUTES TargetKey,
    __in     POBJECT_ATTRIBUTES SourceFile,
    __in     ULONG              Flags,
    __in_opt HANDLE             TrustClassKey
);
But if you attempt to hook this function using this prototype, you will hit a critical error.
What’s wrong?
(continue reading…)
Peek into NOD32 module file
by James on Feb.05, 2010, under ReverseIt
Okay, I have been criticized by Niucool & Bananas because there are no posts on this blog from me.
Feeling ashamed~~~
So I decided to post something to let you guys know that I am alive.
Are you interested in antivirus engines? Do you wanna know what one is?
Hmmm, I think that I cannot give you the answer. Just kidding.
Many people think that ESET NOD32 is a good antivirus, and … so do I.
So I intend to play with it and give you some brief info about it.
(continue reading…)