CrowArmor is a driver for Linux aimed at system security
Features
Communicates with MalDec EDR
Modifies the Syscall Table and hooks it
Monitors if the Syscall Table has been modified
Restores the Syscall if it has been modified by an unknown driver
Monitors the CPU Control Registers and restores them if they are modified
Our research concerns detecting anomalies from syscalls at the kernel level, implemented in our telekinesis driver. In the scripts folder there is a Python script containing part of the research, which computes the standard deviation (std) of the syscalls. Law Suit
Welcome to moblog, my portal dedicated to reverse engineering and low-level programming! Here I share my interest in analyzing complex systems, decoding algorithms, and understanding the inner workings of devices and software.
CoffeeBoot is a UEFI bootloader for the x86_64 architecture. It looks for an ELF executable (KERNEL.ELF) in the /KERNEL directory of a FAT partition. If the kernel is found, the perks are copied to address 0x100000 and control is passed to the kernel.
Features