All posts by Zach Wathen
Creating a .NET IL Obfuscator Using Fody
In game development, keeping core logic and runtime data obscured is key—not just to protect your intellectual property, but to stay a step ahead of anyone attempting to reverse engineer or exploit your game. While commercial obfuscators and code virtualizers exist, they often come with heavy overhead and limited flexibility for custom features. This is…
Asynchronous Analysis of Windows KPRCBs for Detection of Unsigned Kernel Shellcode Execution
Introduction What This Post Covers In this article, we’ll explore: The goal is to provide a practical framework for engineers who need to reason about what processors are doing at runtime and ensure that all kernel instructions can be traced back to trusted, signed system images. What is “Unsigned Kernel Shellcode”? In recent years, it’s…