Many roads to IAT

A few days ago a friend approached me and asked how he could see the import address table under immunity debugger and if this could be done using the command line.

I figured this would be a good time to take a look at what the IAT is, how we can list the IAT and what common reversing hurdles could be with regards to the IAT.
Continue reading

In Memory Fuzzing

Introduction In memory fuzzing is a technique that allows the analyst to bypass parsers; network-related limitations such as max connections, buit-in IDS or flooding protection; encrypted or unknown (poorly documented) protocol in order to fuzz the actual underlying assembly routines that are potentially vulnerable. Prior to the development of my fuzzing toolset, I was unsatisfied […]

Backup & Restore Windows Server based Print Servers

After having to recover a broken Windows Server based print server yesterday, I decided to write this small article on how to set up print server backups, and describe the simple process of recovering the print server after a crash (or even roll back printer drivers in case a newly installed driver messes up your […]

How to properly restore (objects in) the 2003 AD database

Windows 2000 /Active Directory has been around for more than 7 years now. I’ve been using AD for almost 7 years, and due to its stability, I never had to recover a deleted object in AD. (Knock on wood). So it’s not a real surprise to find out that a lot of admins don’t even […]

How to restore a Windows 2003 DC using ASR and VMWare

The following procedure should work for any type of hardware, but I’ve used VMWare (so this procedure is also valid if you want to convert a physical Domain Controller to VMWare). Additionally, the procedure works for Windows 2003 server, but also for Windows XP (professional) Prerequisites : ASR backup .bkf file and the ASR floppy […]

AD 2003 DC Restore Technique using VMWare (without having to grant local DC/Domain Admin rights)

In certain distributed AD scenario’s, Domain Admins group membership or local DC admin privileges are restricted to certain people only. This is a good thing to do, but it requires you to think about certain issues before they happen. One of these issues is backup and restore. Yes, you can schedule a system state backup […]

Restoring 2003 AD Objects using Windows 2008 Server

Anyone managing an Active Directory knows about the administrative troubles and work that can be caused when an object (such as a user) gets deleted.  The admin needs to either restore the object, and then manually fill out the attributes (such as password, group membership and so on), or restore a backup of the ntds.dit […]

Demand Global Change

The world needs your help !

Please take a few moments to read the "Demand Global Change Call For Action" document at
Read the full document at and share the message with as many people as possible.

Like the Facebook page, and SHARE it with everyone you know.


Want to support the Corelan Team community ? Click here to go to our donations page.

Want to donate BTC to Corelan Team?

Your donation will help funding server hosting.

Protected by Copyscape Web Plagiarism Tool

Corelan Team Merchandise

You can support Corelan Team by donating or purchasing items from the official Corelan Team merchandising store.

Corelan Live training

Since 2011, Corelan GCV has been teaching live win32 exploit dev classes at various security cons and private companies & organizations.

You can read more about the training and schedules here

Corelan on IRC

You can chat with us and our friends on #corelan (freenode IRC)