0xffensivecraft

<STAY NOOB>/<LEARN MORE>

Latest from the Blog

Incorporate Windows ETW in your code using Krabsetw

Introduction: In this post we are going to discuss how we can perform ETW tracing using the krabsetw ETW library. We will not be discussing ETW basics here; for that I would recommend readers check out the following posts: using krabsetw library let the fun begins Trace types The ETW has mainly two sets of…

The Stack, The Windows & The Adventures

Introduction: This post is a “how-to” for writing Win32 code for performing a stackwalk on both x86 and x64 architectures, and along the way we will learn the theory behind some of the concepts associated with the stack. In fact, this is a quick note created for myself when I started working on designing a…

The Stack Series: The X64 Stack

Overview of x64 stack. Static RSP. Caller/callee saved registers: According to the x64 convention, non-volatile registers are expected to be saved and restored by the function that uses them. On the other hand, as the name suggests, the volatile register states are expected to change throughout the execution of any function. Volatile Registers RAX…