Windows Offender: Reverse Engineering Windows Defender's Antivirus Emulator
In this presentation, we'll look at Defender's emulator for analysis of potentially malicious Windows PE binaries on the endpoint. To the best of my knowledge, there has never been a conference talk or publication on reverse engineering the internals of any antivirus binary emulator before.

By Alexei Bulazel

Full abstract and materials: https://www.blackhat.com/us-18/briefi...

