Saturday, 17 October 2015

In Depth Windows: What is PE File Format?


Windows operating system is used by most of the Computer users out there but little do they know about how it works. Recently, I started to research deeper and deeper into Window's Internals for thorough Malware Analysis. One thing that holds utmost importance when It comes to digging deeper into Windows is the Portable Executable File Format, commonly known as the PE file format derived from Common Object File Format aka COFF.

PE is the native file format of Windows operating system, binaries (EXE, DLL, SYS, SCR) or even object files (BPL, DPL, CPL) use this format. Even NT's kernel mode drivers use PE file format. The reason why it is called "Portable Executable" refers to the fact that this file format is universal across all Win32 platforms. The loader on every Win32 platform recognizes this file format and loads the executable in memory despite the architecture of CPU being Intel or ARM or any other for that matter.

The knowledge of PE file format is useful to people who are trying to become Software Reverse Engineers, Better Programmers, and the know all kind. This knowledge is definitely necessary for people who are trying to write malicious softwares(those evil people).

Saturday, 22 August 2015

x86 Linux ShellCode Writing 101: What is ShellCoding?

What is this thing called Shellcode you might ask?

Well, It is defined as a set of carefully crafted instructions which are injected and then executed by a vulnerable application. It directly manipulates the registers using the vulnerability and that is why it is generally written in assembler and translated into opcodes. ShellCode written in a high level language like C/C++/Java will not work after injecting because of some nuances.

Friday, 21 August 2015

War Games To Learn Security Concepts

It could be that you are an "Elite Hacker" who thinks he has learned enough and is able to compromise any system at hand, But may be you can't, or may be you are just a guy who is looking around to grasp some security concepts to start getting in to this field. No matter who is reading this, If you are reading this then you do want to know what lies ahead.

Thursday, 30 July 2015

SecurityBlogger.Ninja Extended for 2 more Years!

Hello Everyone, It sure has been a long time.

My last post on this blog was on Tuesday, 10 February 2015. As you can see, It has been long since the last one but I still went ahead and extended this domain

Tuesday, 10 February 2015

Virtual Address Space Layout Randomization in Linux Kernel aka ASLR

ASLR(Address Space Layout Randomization) is a security feature that has been built into almost all the major operating systems. In Linux, It was built in around the year 2005. ASLR is what you might call an additional layer of security for the kernel. It has been implemented in kernels >= 2.6 and all kernels now support it.

What does ASLR actually do?

Monday, 12 January 2015

Review: LG G3 Smartphone

I was asking some of my friends to suggest me a smartphone to buy but I wanted It to be android since I do want to run some tests on it and most of the people suggested me this phone "LG G3". I took some time to read some reviews on the Internet and I was pretty convinced that this is the one I want to buy and I did. But you know what they say; you never know until you try it.

Implementation of Queue with Stack in Java

Something that I wrote for a lab exam.

import java.util.Scanner;

class QueueStack{

    public static void main(String[] args){

        Scanner myScan = new Scanner(;
        System.out.print("Enter the size of Queue: ");
        int input = myScan.nextInt();

        Stack myStack = new Stack(input);