This Blog is for Malware Researching, Reverse Engineering and System Programming

Win32 Shellcode Writing - Hackin9 Exploiting Software

Posted by AmrThabet on 3:26 PM

I finished my new article "Shellcode: From a Simple Bug to OS Control"

it will be posted in the next issue of Hackin9 Exploiting Software

that's the sources of the article


don't forget to download it

Amr Thabet

Stuxnet Malware Analysis Paper - on CodeProject

Posted by AmrThabet on 9:45 PM
Hello Everyone

Today ... I'm celebrating the release of My article "Stuxnet Malware Analysis Paper"

I finished this article at the middle of june 2011 but due to some problems I published it today at this link

I hope you enjoy it

Amr Thabet

Speaker at University of Sydney

Posted by AmrThabet on 1:51 PM
I spoke in the University of Sydney in CISS6011 Special Topic: Cybersecurity

about "Stuxnet as a Case Study"

it's not a very advanced presentation and that's related to the level of students in the cyber security field

I hope you enjoy it

Interview with me by Security for Arabs Team (in Arabic)

Posted by AmrThabet on 9:47 PM
Hello everyone

this is an interview with me in Arabic by Security For Arabs Team

the link:

"Rootkits, a Deep Look" now in SecurityKaizen

Posted by AmrThabet on 1:54 PM

Hello Everyone

I contributed to SecurityKaizen Magazine with an article named "Rootkits, a Deep Look"

you can find it at this link:

Security Kaizen Issue 2

you will find my article at page 28

I was interviewed with Cristian Science Monitor (CSM) About Stuxnet

Posted by AmrThabet on 3:19 PM
Hello My Friends

I was interviewed by CSM us newspaper at the aritcle "The new cyber arms race"
the link is here http://www.csmonitor.com/USA/Military/2011/0307/The-new-cyber-arms-race

you will find me at page 3,4 at this links:

Page 3
Page 4

Have Fun

MrxCls - Stuxnet Loader Driver

Posted by AmrThabet on 12:33 PM
Hello Everyone

Today I want to announce the release of a new article named "MrxCls - Stuxnet Loader Driver"

it's the first time I contribute to http://www.infospyware.net/

I hope you like the article

English Version: http://www.infospyware.net/blog/mrxcls-–-malicious-driver-and-primary-attack-of-stuxnet/
Spanish Version: http://www.infospyware.com/blog/mrxcls-driver-malicioso-ataque-principal-de-stuxnet/

The IDA Pro Database (mrxcls.idb) and related files:


Amr Thabet

Victory and Honour

Posted by AmrThabet on 9:23 PM

We finally win and gain our victory from these corrupted people Mubarak and Omar Seliman

We fire them ALLLLL


See This Pictures (more than 100 pics about the revolution)

The Egyptian Revolution

Reversing Stuxnet's Rootkit (MRxNet) Into C++

Posted by AmrThabet on 6:53 PM
Hello Again

This is the first time I reverse a rootkit. I choose Stuxnet Rootkit (as it's a famous virus) and begin reversing..

Finally now I convert it into C++ code with a commented IDA Pro v.5.1 Database for it.

at this link


have a nice day

Amr Thabet