I am working on a game and thought about approaches for making it moddable. Usually, engines employ a scripting language for various reasons. One of them is that the engine gets to control what the mod sees, and can provide some degree of security for the user, by e.g. not allowing file access or network ..
How can we or Windows identify or differentiate kernel processes and user/application processes? Based on metadata of the process, flags in the process table, or other? Source: Windows..
I need to write code to monitor the behaviour of a process. So I tried to write it by first monitoring the process for 30 secs, then parsing the backingfile with Python, and then I used machine learning to identify if the process is malware. It worked, but when I am running two ..
I have a simple gRPC server / client implementation where I have set up the server to use grpc::SslServerCredentials. Then I have a client that uses the credentials channel grpc::SslCredentials to connect to it successfully. But to my astonishment I can also connect using grpc::InsecureChannelCredentials to the secure server. I have probably misunderstood something so it ..
I wish to distribute a Windows app with a free trial. The app can run in offline mode, so I need a way to verify free trial expiration. For that, I need to save somewhere in Windows the start date of the free trial. How should I do that? One way I thought is to encrypt ..
The problem is that I need to share files between 2 programs, but I don’t want those files to be accessible by the user of the computer or by programs other than these 2. So the flow of the files is like this: Program A (which I will code myself) receives a file from the internet ..
I was diving into memory vulnerabilities (C/C++) and I am interested in knowing what kind of vulnerabilities allow an arbitrary memory write (or read) without exploiting a buffer overflow (or overread). The ultimate goal would be to reach an arbitrary location (target) exploiting a memory vulnerability (source), without accessing the memory between the target and ..
We have implemented in our app all the basic checks that allow us to determine if the app is running on a rooted device, similar to: RootBeer – https://github.com/scottyab/rootbeer, Meat-Grinder by Dmitry – https://github.com/DimaKoz/meat-grinder, Isolated process by Darvin – https://github.com/darvincisec/DetectMagiskHide. But this is still not enough to detect Magisk. MagiskHide can bypass all RootBeer and meat-grinder checks, also solution by ..
I’m a newbie to Windows system programming. I used to inject code into a process, and it was easy: just inject the entire PE file. But now when I inject code into a thread, I can’t use the entire PE file like with a process. I just want to know how to convert an exe file to shellcode manually to inject into a thread. ..
Environment: Windows 10, PowerShell 5.1. Problem: I need some kind of script that lists users and their permissions in the COM Security object computer-wide ("Launch and Activation Permission" — Default permission). In the GUI I can do it by running "DCOMCNFG –> Component Services –> Computers –> My Computer –> (right click) –> Permissions –> ..