Gargoyle is a memory analysis evasion technique that uses return-oriented programming (ROP) to hide all of a program’s executable code in non-executable memory while it is inactive, temporarily marking it executable to do some work at a pre-defined interval (every 15 seconds, in the PoC).
When did the first hacking of a telecommunication system occur?
During the investigation of a security incident, event log analysis is a key element.
With some useful enhanced features!
A typical NTFS filesystem contains hundreds of thousands of files. Each file has its own $MFT entry, and all $MFT entries are given a sequential address starting from zero, zero being the $MFT entry itself.
When analyzing a malicious Android program directly on the device, it is often necessary to dump some network traffic.