Informative Information for the Uninformed
Current
v9
v8
v7
v6
v5
v4
v3
v2
v1
All
About
Vol 4
»
2006.Jun
Next:
Foreword
Up:
GREPEXEC: Grepping Executive Objects
Previous:
GREPEXEC: Grepping Executive Objects
Contents
Foreword
Introduction
Scanning Memory
Retrieving Pool Ranges
Locking Memory
Detecting Executive Objects
Generic Object Information
Validating Pool Block Information
Object Specific Signatures
Process Objects
Thread Objects
Driver Objects
Device Objects
Miscellaneous
Found An Object, Now What?
Process Objects
Thread Objects
Driver Objects
Device Objects
Breaking Signatures
Pointer Based Signatures
N-Depth Pointer Validation
Miscellaneous
GrepExec: The Tool
The Signature
Usage
Sample Output
Conclusion
Bibliography