logo

PE Resource Parser in C++ (Native)

In our new article, we will delve into the intricate structure of the resource table of PORTABLE EXECUTABLE files in the Windows operating system and embark on an exciting journey to write our own native parser! This exploration will enhance your understanding of the inner workings of Windows executables and equip you with the skills to analyze these files at a deeper level. Whether you`re a seasoned developer or an enthusiastic learner, this article promises to be a fascinating and enriching experience, full of technical insights and practical knowledge!

Read more
2023-11-12 745

FUZZY HASHES

Friends, hello everyone!

In this article, we will talk about such an important part of every antivirus engine as the hashing module. We'll talk about data verification, blacklisting and whitelisting, finding out how "similar" or "different" data is, and touching on the topic of fuzzy hashing algorithms.

Get comfortable in your chairs!

Read more
2023-03-18 1513

PE Import Table Parser

Hello dear friends!

In this series of articles, together with you, we will write the simplest anti-virus engine with a number of static and dynamic analyzers, analyze the principles of operation of each of them, and get acquainted with related technologies along the way.

The series of articles will be useful for both novice developers and more experienced ones, who, we hope, will be able to find useful information for themselves!

We express our gratitude to all our partners and colleagues who help us in our work and life! Guys, you are the best!

Read more
2023-03-14 2831