Didier Stevens

Thursday 31 July 2014


Filed under: Uncategorized — Didier Stevens @ 8:50

I plan to produce short videos more frequently. I will not post them all here on my blog, I’ve created another blog for all my videos:

The RSS is http://videos.didierstevens.com/feed/.

And from time to time, I’ll repost an old video on that feed.

Wednesday 14 March 2012

Update: PDFid And pdf-parser

Filed under: Uncategorized — Didier Stevens @ 9:15

To mark the occasion of my Malicious PDF Analysis workshop at Black Hat Europe 2012, I’m releasing version 0.0.12 of PDFiD and version 0.3.9 of pdf-parser.

The major change is that these 2 tools support Python 3 too now. And then there are a couple of bugfixes and new features given to me by readers.

You can find these tools on the PDF Tools page.

Tuesday 18 January 2011

Quickpost: Checking ASLR

Filed under: Quickpost,Uncategorized,Vulnerabilities,Windows 7,Windows Vista — Didier Stevens @ 11:13

Some people asked me for a simple way to check shell extensions for their ASLR support. You can do this with Process Explorer.

Start Process Explorer, and set the lower pane to display DLLs. Select process explorer.exe, and add column ASLR to the lower pane view. Then sort on column ASLR.

You will see this:

Notice that on a default Windows 7 32-bits install all DLLs (with code) support ASLR. The n/a is for resource DLLs, they don’t contain code, and ASLR doesn’t apply to them.

Now open an explorer window and right-click a file, like this:

This action will load the context menu shell extensions.

Take a look at Process Explorer:

Now you see the shell extensions without ASLR support.

Quickpost info

Tuesday 1 September 2009

Link: case of the tweep abduction

Filed under: Entertainment,Uncategorized — Didier Stevens @ 20:15

I know, I love a bit of mischief 😉

Wim renamed his “old” Twitter account @domgingelom to the “new” @wimremes. And then I promptly registered @domdingelom… 😉

Did some Tweeting under an assumed name…

And then gave the “new” @domdingelom to Wim.

Tuesday 8 July 2008

A Little Poll

Filed under: Uncategorized — Didier Stevens @ 20:45

According to you, what’s the single most-downloaded file from my site http://DidierStevens.com? It’s neither welcome.html nor robots.txt.

Post your guess as a comment.

Sunday 9 December 2007

Quickpost: Restoring Safe Mode with a .REG File for Windows 2000 SP4 Professional

Filed under: Uncategorized — Didier Stevens @ 11:00

I added the SafeBoot registry keys for Windows 2000 SP4 Professional to the zip file and updated the post.

Quickpost info

« Previous Page

Blog at WordPress.com.