I used this tutorial back in 2020 to create a library that can get "LoadLibrary" and "GetProcAddress" without including . Not to write viruses, just to be able to write OpenGL code without having all the bloat that comes with .
Reviewing this again so I can work on a header-only C file that you can run to start writing shader code. No dependencies. Just a single file.
Try to make OpenGL as easy to get started with in C as it is with WebGL.
This is a brilliant resource - quite amazing how far debugging has come since my W32Disasm days
This was a great tutorial. I really liked how you give little explanations for some concepts, it is really beginner-friendly and easy to follow. I would definitely like to see more about windbg. Thank you for the videos.
Thanks for the feedback! I wasn't sure if those cuts were going to be annoying or informative... sounds like the latter though so I'll keep doing them : )
I agree, the little explanations are one of the key reasons why I love OALABS.
The new version of WinDbg is so nice, I don't know if you saw it...
Good video!!
@19:00-19:02 the return address of VirtualAlloc is most likely at 7504590e and not the one being highlighted (it belongs to KERNELBASE!ResetWriteWatch). You could put an annotation there to help future viewers:)
Thank you very much for your work, great video!
True that. Another way to do it is to simply set a bp at VirtualAlloc and then run the "pt" command, which jumps right to the ret.
Thumbs up to bringing back Josh!
The new WinDbg allows you to do kernel mode debugging from the host :)
The Stompin' Tom outro really caught me off guard xD
Unfortunately I seem to be at this kind of video a bit too early; I don't know nearly enough about assembly to make heads or tails of what I'm looking at. I just wanted to figure out why this (not malicious) program I have wasn't properly launching xD
When providing a range to the .writemem function all values are inclusive. MSDN uses as an example that writing the range 1000 - 1007 is 8 bytes long. So for this video, the range should have been 30000 - 35999 which will return the desired size of 6000. Keep up the great videos!
That makes sense, thanks Dmytri!
looking forward to kernel debugging!
Yes more on this please! Kernel debugging would be awesome!
Good tutorial. Please upload more such videos.
Hey guys, great helpful video. I am definitely interested in seeing more!
I recently found out about this channel and I immediately fell in love; it's something I've been looking for for a long time. Also, it would be awesome to have a similar tutorial on x64dbg. I've been using it for some time but it still feels like I'm missing something (unless there's a nice tutorial already).
Hey thanks very much! We have been thinking about doing something similar for x64dbg, stay tuned : )
Perfect!! Thank you very much!
Your channel is the best for learning reverse engineering!!
Hey thank you very much, glad you are enjoying these : ))
I worked with an "experienced" coder who worked on Windows 95 and they've been calling it WindBag for years... because its name is windbg - windbag. Pretty simple really.
None of this is true
Awesome! Gonna go through this right now 👍
Was so helpful. Thanks a ton! 🙌🙌
Great overview, thanks!
16:55 that sound. I thought something closed or broke...
Love your work. I wish I had found your videos earlier; keep up the good work.
yesssssssssssssssssssss!!!!!!!! been waiting for more oalabs!
Yay!!! Kernel debugging
Awesome video as usual!
Well done guys!! 🤓
Very very nice video, TNX.
Perfect! Thanks!
Can you use WinDbg for software programs other than Windows applications?
In the instruction *eb $peb+0x2 0x0*, why isn’t BeingDebugged byte at $peb+0x1? Since $peb itself ie. $peb+0x0 will be the first byte of the structure?
Okay that’s an array of two bytes. My bad.
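For the question and self-reply above, an added illustration that is not from the video or either commenter: the first three PEB fields are single bytes, InheritedAddressSpace at +0x0, ReadImageFileExecOptions at +0x1 and BeingDebugged at +0x2, which is why the command is `eb $peb+0x2 0x0` and not `$peb+0x1`. The block declares only that documented prefix. The Windows-only `current_peb` helper (TEB selector offsets fs:[0x30] / gs:[0x60]) and the constructed `fake_peb` buffer are my additions so the demo also runs off Windows; on a real process the same byte is what kernel32!IsDebuggerPresent returns.

```c
/* Added example: where PEB.BeingDebugged lives and what "eb $peb+0x2 0x0" patches.
 * Not code from the video. Only the documented leading bytes of the PEB are declared. */
#include <stddef.h>
#include <stdint.h>

#ifdef _WIN32
#include <windows.h>
#include <intrin.h>
#endif

/* Leading fields of the PEB (same layout on x86 and x64, each one byte wide). */
typedef struct _PEB_PREFIX {
    uint8_t InheritedAddressSpace;      /* +0x000 */
    uint8_t ReadImageFileExecOptions;   /* +0x001 */
    uint8_t BeingDebugged;              /* +0x002  <- the byte eb $peb+0x2 0x0 clears */
    uint8_t BitField;                   /* +0x003 */
} PEB_PREFIX;

/* Offset of the flag, so it can be compared against the WinDbg command. */
size_t peb_being_debugged_offset(void) {
    return offsetof(PEB_PREFIX, BeingDebugged);
}

/* Manual check of the flag in a PEB image (real or constructed), the same test
 * kernel32!IsDebuggerPresent performs. */
int peb_being_debugged(const void *peb) {
    return ((const PEB_PREFIX *)peb)->BeingDebugged != 0;
}

/* In-process equivalent of "eb $peb+0x2 0x0": clears the flag and returns the old value. */
uint8_t peb_clear_being_debugged(void *peb) {
    PEB_PREFIX *p = (PEB_PREFIX *)peb;
    uint8_t old = p->BeingDebugged;
    p->BeingDebugged = 0;
    return old;
}

#ifdef _WIN32
/* Locate the live PEB through the TEB: fs:[0x30] on x86, gs:[0x60] on x64 (assumption:
 * MSVC/MinGW intrinsics available). Pass the result to the functions above. */
void *current_peb(void) {
#ifdef _WIN64
    return (void *)__readgsqword(0x60);
#else
    return (void *)__readfsdword(0x30);
#endif
}
#endif

/* Constructed PEB prefix for running this off Windows: a debugger was attached at
 * process creation, so the loader set BeingDebugged (+0x2) to 1. */
static uint8_t fake_peb[16] = { 0x00, 0x00, 0x01, 0x08 };

/* Runs the check, applies the patch, re-runs the check. Returns 1 when the patch
 * flipped the answer from "debugger present" to "no debugger". */
int demo(void) {
    int before = peb_being_debugged(fake_peb);   /* 1 */
    peb_clear_being_debugged(fake_peb);          /* same effect as the eb command */
    int after = peb_being_debugged(fake_peb);    /* 0 */
    return before == 1 && after == 0;
}
```

On Windows, `peb_being_debugged(current_peb())` gives the unpatched answer under WinDbg; after `eb $peb+0x2 0x0` it returns 0, which is exactly the bypass the video's command performs. Note that this only defeats checks that read this byte; NtGlobalFlag and heap flags live elsewhere in the PEB.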
Hi, I'm a liveoverflow subscriber and I wanted to give your channel some constructive criticism: upgrade your mic. This is the 1 thing that immediately pushed me away from your channel. Then I would suggest maybe zoom the part you are talking about (ie at 12:47) more often because the mouse pointer is tiny otherwise and makes following harder. Lastly the cam is appreciated but not necessary (IMO). Regardless you are one helpful source of info for the Reverse Engineers community.
Thanks for the video =)
Well done guys. Also can you guys do a .NET malware analysis? Thanks!
Is .NET malware that harmful? I have never had any experience with it.
Hey thanks for the suggestion. The reason we haven't covered .NET stuff is because there are already so many excellent .NET malware analysis tutorials over on the MalwareAnalysisForHedgehogs channel. We do get a lot of requests for this though so maybe we will do something in the future. Until then I recommend checking out these:
th-cam.com/video/O3S-M2nAKmE/w-d-xo.html
th-cam.com/video/92GDWqCK1rQ/w-d-xo.html
th-cam.com/video/0DV1bhnnOyM/w-d-xo.html
th-cam.com/video/1RNcZpBLZHs/w-d-xo.html
I saw some of them @inspiredbymichansenpai2393
Thank you for the recommendation! Really helpful. @OALABS
Should I learn assembly before watching this video?
Is it possible to bp a 64-bit API from a 32-bit process? A heaven's gate thing. I was able to create a trace script using the z command while monitoring the change in the cs register, but it takes forever.
Can you make a video on bypassing anti debug? :D
We have already covered a generic process for identifying and bypassing anti-analysis techniques in an older video th-cam.com/video/WlE8abc8V-4/w-d-xo.html but if there are some specific tricks you want to see just let us know! Maybe we could do a tutorial on setting up some plugins to do this automatically?
Thanks for a great video. Love you babe
How do I exit WinDbg? Every time I open a game, it says to exit it. Someone please help
Windebug? I thought it was affectionately pronounced Windbag?
Lol, an Ionescu student I see : )
Your videos are amazing, sir. I will be starting the book Secrets of Reverse Engineering soon after finishing the Black Hat Python book. I'd really appreciate it if we could do a cybertalk on my channel and you could share your side of knowledge 🙂 Any way I can get in touch with you?
Thanks, would be happy to chat. Contact info is in the description of each video, and on our website openanalysis.net
@OALABS 🙂 Thanks for the quick response, sir. I unfortunately don't have a Twitter account... Can we get in touch through Discord/Instagram/LinkedIn?
And here I am, in front of my gdb prompt...
I like GEF to make gdb a bit more user-friendly github.com/hugsy/gef