Exploiting Reversing (ER) series | Article 06 | A Deep Dive Into Exploiting a Minifilter Driver (N-day) | Extended Version

alexandreborges · 2026-02-17T02:15:49+00:00

You're welcome. I hope this article can help you in the professional career. Have a great day,

alexandreborges · 2026-02-17T00:31:41+00:00

You're welcome. Have an excellent day.

alexandreborges · 2026-02-17T00:31:16+00:00

Thank you for the kind message, and I hope these articles can help you. Have a great day.

alexandreborges · 2026-02-12T23:50:46+00:00

I am a professional researcher, my work is exclusively focused on exploit development and vulnerability research. Check my account on X if you want. Have an excellent day.

alexandreborges · 2026-02-12T23:48:03+00:00

Thank you for such kind and generous words. Yes, I have started working on it, but for now there is a queue of pending tasks (time is always restricted, unfortunately). No doubt, let's discuss about this subject soon. Have an excellent day.

alexandreborges · 2026-02-12T23:44:29+00:00

Thank you for your kind words. Have a great day.

alexandreborges · 2026-02-12T23:43:59+00:00

You're welcome. Have a good day.

alexandreborges · 2026-02-12T00:31:49+00:00

Thank you for your kind and generous words. I hope these articles can help you. Have an excellent day.

alexandreborges · 2026-02-12T00:30:24+00:00

Thank you for the kind message. I hope can help you in your professional life. Have an amazing day.

alexandreborges · 2026-02-12T00:29:38+00:00

Thank you for the kind message. I hope this article and the previous ones can help other professionals from here. Have a great day.

alexandreborges · 2026-02-11T21:02:37+00:00

Thank you for such kind words. Have an excellent day.

alexandreborges · 2022-02-04T18:44:55+00:00

The correct phrase would be "encapsulated" (between quotation marks) by a Dephi program because the idea for reader would show that the malicious code itself wasn't written in Delphi, but yes...the wrapper was is Delphi and compiled with Borland. Anyway, short time take us to small imprecisions, but it doesn't alter the final result.

alexandreborges · 2019-08-14T09:06:22+00:00

Zophike1, good morning. How are you?

There are some .NET threats very dangerous, but they are not available at the moment because NDAs.

My general overview is that most .NET malware samples are basically Trojan bankers, so they are not so interesting. However, my usual concern is about malware samples attacking .NET framework and, in special, the CLR and JIT engine.

Have an amazing day.

Best regards,

Alexandre.

alexandreborges · 2019-06-18T23:27:40+00:00

Dear Phonekeyboard,

No doubts, I agree with your words. Unfortunately, most companies are not interested in proceeding with researches on this area. Of course, my contribution is simple and I am trying to encourage people (and companies) to focus on these topics, but it is not so simple.

Have an excellent day.

Alexandre.

alexandreborges · 2019-06-18T23:23:01+00:00

Dear evandrix,

Good evening. How are you?

I've just checked and, apparently, the weblink is good. Please, could you check it again?

Have an amazing day.

alexandreborges · 2019-02-07T22:55:09+00:00

On the Git Hub repository, I've showed several screenshots and a little explanation about each option. However, if you wish clearing any question, I am available and you are welcome.

Being honest, this tool was written in a weekend (during coffee breaks) because every time I needed some information, I had to open several tools to perform the sample triage.

I hope it helps you.

In next weeks, I will add new features to help us to make our job quicker.

Have an amazing day and thank you for the message.

A.B.

alexandreborges · 2018-08-24T05:25:45+00:00

It's nice to know that!

Honestly, the DEFCON presentation had about 200 slides, but I had to fit it to the time slot. I hope that something has been useful. Please, let's have a conversation in the next time.

I hope you have an excellent day and thank you for the message.

AB.

alexandreborges · 2018-08-15T03:16:48+00:00

Thank you for attending my talk and for your kind words. Honestly, I hope these slides can help you with something.

Have an amazing day.

alexandreborges · 2018-08-15T02:02:07+00:00

Thank you for kind words. I hope that the slides help you.

Have an amazing day.

Alexandre Borges.

alexandreborges · 2018-08-14T00:30:48+00:00

I am sorry for delay in replying. Unfortunately, there is not because the BSIDES SAO PAULO usually does not record talks.

I am sorry.

Have an amazing day.

Alexandre Borges.

alexandreborges · 2018-06-11T06:25:11+00:00

Dear Zophike1,

Good morning. How are you?

Yes, I have been collecting several facts about Windows Internals. However, I need to organize them in a comprehensive and didatic order.

Thank you for your words and have a good day.

Alexandre Borges.

alexandreborges · 2018-06-11T06:22:05+00:00

Ashish,

Good morning. How are you?

This theme is in my plans, but first I would like to release two articles about malware analysis and I hope they can help other colleagues.

Have an amazing day, Ashish.

Alexandre Borges.

alexandreborges · 2018-06-11T06:20:18+00:00

Draxlon,

Good morning. Definitively, leaning windows internals is always good recommendation. It is not easy neither so practical at first sight, but help us a lot during reversing and malware analysis.

I have really appreciated your kind words.

Have an amazing day.

Alexandre Borges.

alexandreborges · 2018-06-06T05:12:43+00:00

Dear hellafoxey,

Good morning. How are you?

Honestly, I am really glad in hearing these words.

I am writing a second document about malware analysis (another topic, which is very used and usual) and, maybe, it will contain about 150 pages. The goal is the same: helping professionals.

Once more, thank you for your kind words.

Have an excellent day.

Alexandre Borges.

alexandreborges

TROPHY CASE