Some present works
Due to lack of time, I’m updating this blog only now…
Btw I would like to inform all readers that there are some projects (completed and not) waiting to be published.
– First of all, my company (now Saferbytes, born from ItSec) has sponsored a new release of the X86 Memory bootkit. This time it comes out very stable and useful, with a lot of new features (like VBR type setup, UEFI compatibility and many more)… I am starting by sharing the official utility link and, when it is ready, the article link as well… You can download the new X86 Memory bootkit here.
– A deeper analysis of the new Windows 8 security feature called AppContainer. I would like to show readers a way to create AppContainer tokens, and therefore build sandboxed applications, even for classical desktop applications. I have to disassemble many “explorer.exe” (and related) characteristics, up to Protected processes creation (NtCreateLowBoxToken API).