Hex-Rays' blog (53)

The ultimate stealth method

The last described method does not work if the application uses an “unsupported” antidebugging ...

Ilfak Guilfanov • Nov 20, 2005

The last time I showed you a simple trick with conditional breakpoints. Today I will present you a ...

Ilfak Guilfanov • Nov 13, 2005

Quite often IDA users ask for a plugin or feature to hide the debugger from the application. In ...

Ilfak Guilfanov • Nov 4, 2005

Final method of loading several files into a database D. Use Steve’s plugin

Ilfak Guilfanov • Oct 30, 2005

I promised to tell you about the TLS callbacks. Here is the discussion. When you launch the ...

Ilfak Guilfanov • Oct 25, 2005

The third method to create a database with several PE files. C. Change segment attributes in the ...

Ilfak Guilfanov • Oct 25, 2005

The second method to create a database with several PE files. B. Use the debugger and take the ...

Ilfak Guilfanov • Oct 22, 2005

IDA Pro can load one PE file into a database and analyze it. Some users assume this is the maximum. ...

Ilfak Guilfanov • Oct 19, 2005

This is the first entry in the blog. This is the message body. Seems to be easy.

Ilfak Guilfanov • Oct 13, 2005