Map and projects (the most frequently updated page of this blog)

2010/04/07

We stick together, no one fights alone

Finished PE/Packers/Opcodes graphics

As I added Data Directories to the PE infographics, my 3 infographics projects are now finished:

2010/04/05

Before you judge me, take a look at you

Packers' algorithms

I created one last diagram, showing Packers' most common algorithms.

2010/04/04

If you're looking for a bit of cheer, come take a trip to...

Typical behavior of the various kinds of packers

I made an infographic showing 3 different kinds of packers, their usual steps and the characteristics of each of these steps.

2010/04/03

I time every journey to bump into you

PE file and memory layouts
I created a graph (diagram?) for the PE format, showing 'standard' layouts of a PE file, on disk and in memory.

2010/04/02

Fight against easy words, fight against the hatred of ...

user-mode opcodes cheat sheets
I mostly work on user-mode code, or kernel-mode code that actually uses a very limited number of privileged opcodes, just to access CR0 and IF. Besides, FPU/MMX/SSE are usually used as junk or pure calculation that I can ignore.

So, from that limited perspective, the number of opcodes is much reduced.

A Perspective of two-byte opcodes
After my overview of one-byte opcodes, I made a graph of two-byte opcodes according to that perspective.
It makes it much more readable than expected!

Opcodes' reminders
Also, I checked every user-mode opcode, and wrote a one-liner to describe them, as well as a small example. I put together an executable with all the examples, just to see them in action - and test your favorite emulator ;)

Together they make small opcode reminders, in printable text and executable code formats.