Welcome to the Cyberus Tech-Blog!
February 5, 2018
In the last article, we showed how to use the Tycho Python API to interrupt a process, running on an unpatched Windows system on top of the Cyberus virtualization platform, before it executes specific system calls. This time, we demonstrate how to implement a short but useful script that logs which files are accessed by a process of our choice.
January 22, 2018
Due to its introspection capabilities, the Cyberus virtualization platform is able to analyze Windows system calls. In this article we demonstrate how simple it is to extract system call parameters out of a running Windows machine with Python using the Tycho API.
January 4, 2018
In this article we are going to play with a DLL injection tool on a Windows system that is running on top of the Cyberus Virtualization Platform. Using the Tycho Python API, we will see how dead simple it is to check if a process has been subject to DLL injection.
January 3, 2018
Meltdown is an attack on the general memory data security of computers with the Intel x86 architecture. Two members of the founder team of Cyberus Technology GmbH were among the first experts to discover this vulnerability. This article describes how Meltdown actually works and also examines the mitigations that have been patched into the most widespread operating systems while the information embargo was still intact.
January 2, 2018
This article demonstrates how simple it is to set up our analysis tool Tycho and plays with the Tycho Python API in order to outline its potential. We will pause and resume processes, read interesting process information, and inject errors using the Tycho Python API.