Episode 3 – Shellcode Analysis with APITracker

Text:

Audience Level: Beginner to Medium.

A few months back we released our new tool, APITracker. The idea behind the tool is more mature than the tool itself. Using APITracker, we can hook APIs exported from DLLs on a large scale to track the execution of a sample.

APITracker is based on the pydbg Python debugger. Before we move on to the shellcode analysis, let's take a look at the APITracker config file.

APITracker: https://cysinfo.com/apitracker-windows-api-tracing-tool/

*Error correction: In the video, the shellcode is not using any hash-based API resolver. The values are simply the ASCII values of the API names.
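The distinction in the correction above can be checked mechanically during triage. The following Python helper is an added example, not part of APITracker or the original post: it rebuilds 32-bit little-endian constants into text and flags constants that do not decode to printable ASCII. It assumes the constants were placed on the stack last-chunk-first; the function names and sample values are constructed for illustration.

```python
import struct

PRINTABLE = set(range(0x20, 0x7F))  # printable 7-bit ASCII byte values

def decode_dword(value):
    """Return the ASCII text a 32-bit constant holds in memory.

    Trailing NUL bytes are treated as a string terminator. Returns None
    when any remaining byte is not printable (e.g. a hash value).
    """
    raw = struct.pack("<I", value & 0xFFFFFFFF).rstrip(b"\x00")
    if any(b not in PRINTABLE for b in raw):
        return None
    return raw.decode("ascii")

def rebuild_stack_string(pushed):
    """Rebuild a string from constants listed in the order they were pushed.

    The stack grows downwards, so the last value pushed is the start of
    the string. Decoding stops at the first chunk containing a terminator.
    """
    parts = []
    for value in reversed(pushed):
        piece = decode_dword(value)
        if piece is None:
            return None
        parts.append(piece)
        if len(piece) < 4:  # chunk ended with NUL: end of string
            break
    return "".join(parts) or None

def classify(pushed):
    """Label a group of constants as an ASCII API name or an opaque value."""
    name = rebuild_stack_string(pushed)
    return ("ascii-name", name) if name else ("opaque-constant", None)

# Constructed sample constants (not taken from the shellcode in the video).
SAMPLES = {
    "name_with_terminator": [0x00000000, 0x41797261, 0x7262694C, 0x64616F4C],
    "short_name": [0x00636578, 0x456E6957],
    "hash_like": [0x9A3F07C1],
}

if __name__ == "__main__":
    for label, values in SAMPLES.items():
        print(label, classify(values))
```

A constant that decodes cleanly to an API name points to plain ASCII strings in the shellcode; one that does not is a candidate for a hash-based resolver and needs further analysis.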

 

 

 

 

 
