🟢 5️⃣ Virtual Memory
The operating system gives each process a Virtual Address Space.
That is: the program thinks it has contiguous memory, but the OS maps it to real RAM pages.
Advantages:
Process isolation
Security
Access control
RE usage: The addresses you see are virtual.
@reverseengine
🟢 6️⃣ Paging
Memory is divided into pages, for example 4KB each.
Page Table
Specifies:
Which location in RAM this page is mapped to
What its access permissions are (R/W/X)
RE usage: When a page is not executable, executing code from it raises an error.
@reverseengine
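The per-page R/W/X permissions described above can be observed from inside a process on Linux. This is an added example, not part of the original post: it maps one page, reads the permission flags the kernel reports for that virtual address in /proc/self/maps, and changes them with mprotect(). The helper names perms_of and page_demo are hypothetical.

```c
#define _DEFAULT_SOURCE  /* for MAP_ANONYMOUS */
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/mman.h>

/* Permission string ("rw-p", "r-xp", ...) of the mapping containing addr,
 * parsed from /proc/self/maps (Linux-specific). Returns 0 if found, else -1. */
int perms_of(const void *addr, char out[5])
{
    FILE *f = fopen("/proc/self/maps", "r");
    if (!f) return -1;
    char line[1024], perms[5];
    unsigned long lo, hi, a = (unsigned long)addr;
    int found = -1;
    while (found != 0 && fgets(line, sizeof line, f)) {
        if (sscanf(line, "%lx-%lx %4s", &lo, &hi, perms) == 3 && a >= lo && a < hi) {
            memcpy(out, perms, sizeof perms);
            found = 0;
        }
    }
    fclose(f);
    return found;
}

/* Map one anonymous page with prot_before, change it to prot_after with
 * mprotect(), and record what the kernel reports for the page each time. */
int page_demo(int prot_before, int prot_after, char before[5], char after[5])
{
    size_t psz = (size_t)sysconf(_SC_PAGESIZE);   /* commonly 4096 (4KB) */
    void *p = mmap(NULL, psz, prot_before, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return -1;
    int rc = perms_of(p, before);
    if (rc == 0)
        rc = mprotect(p, psz, prot_after) == 0 ? perms_of(p, after) : -1;
    munmap(p, psz);
    return rc;
}

int main(void)
{
    char b[5], a[5];
    /* Writable data page becomes read-only; the X bit is never set. */
    if (page_demo(PROT_READ | PROT_WRITE, PROT_READ, b, a) == 0)
        printf("virtual page: %s -> %s\n", b, a);
    return 0;
}
```

A page whose flags show no `x` is the case the post refers to: jumping to an address inside it faults instead of running the bytes stored there.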
Windows Exploitation Techniques
https://projectzero.google/2025/12/windows-exploitation-techniques.html
@reverseengine
projectzero.google
Windows Exploitation Techniques: Winning Race Conditions with Path Lookups - Project Zero
This post was originally written in 2016 for the Project Zero blog. However, in the end it was published separately in the journal PoC||GTFO issue #13 as wel...
ARM64 Reversing and Exploitation Blog Series
https://8ksec.io/arm-64-reversing-and-exploitation-series
@reverseengine
easy-kernelmapper: map your driver with a batch
Intro https://www.unknowncheats.me/forum/anti-cheat-bypass/476567-easy-kernelmapper-map-driver-batch.html
Repo https://github.com/0dayatday0/BattleFN-cheat-analysis
Analysis https://github.com/0dayatday0/BattleFN-cheat-analysis/blob/main/cheat-analysis.pdf
@reverseengine
Anti-virus artifacts Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot
https://github.com/D3VI5H4/Antivirus-Artifacts
@reverseengine
Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot. - ethereal-vx/Antivirus-Artifacts
BleedingTooth: Linux Bluetooth Zero-Click Remote Code Execution
https://google.github.io/security-research/pocs/linux/bleedingtooth/writeup.html
@reverseengine
This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.
How LLMs Feed Your RE Habit
https://clearbluejar.github.io/posts/how-llms-feed-your-re-habit-following-the-uaf-trail-in-clfs
@reverseengine
How LLMs Feed Your RE Habit: Following the Use-After-Free Trail in CLFS
Dive into how LLMs and pyghidra-mcp accelerate reverse engineering by tracing a UAF vulnerability in CLFS through a patch diff.
Modding And Distributing Mobile Apps with Frida
https://pit.bearblog.dev/modding-and-distributing-mobile-apps-with-frida
@reverseengine
Walkthrough of how to embed frida scripts in apps to distribute proper mods. Supports frida 17+.
Linux system call hooking using Ftrace
https://xcellerator.github.io/posts/linux_rootkits_02
@reverseengine
Linux Rootkits Part 2: Ftrace and Function Hooking :: TheXcellerator
Okay, so you’ve built your first kernel module, but now you want to make it do something cool - something like altering the behaviour of the running kernel. The way we do this is by function hooking, but the question is - how do we know which functions to…
Speculating the entire x86-64 Instruction Set In Seconds with This One Weird Trick
https://blog.can.ac/2021/03/22/speculating-x86-64-isa-with-one-weird-trick
As cheesy as the title sounds, I promise it cannot beat the cheesiness of the technique I’ll be telling you about in this post. The morning I saw Mark …
Anti_backdoor.pdf
12.6 MB
Anti-Backdoor Learning:
Training Clean Models on Poisoned Data
Modern Obfuscation Techniques
https://is.muni.cz/th/v1f9y/Modern_obfuscation_techniques.pdf
@reverseengine
Abusing native Windows functions for shellcode execution
http://ropgadget.com/posts/abusing_win_functions.html