Is Google Spying on You? How to Quickly Craft an Ad Hoc Security Sandbox

In June, 2015 there was an alarming bit of news when people over at the Debian project realized that Chromium silently downloaded a closed source NaCl binary extension. It was the hotword extension which implements speech recognition techniques. When someone says “OK Google” within range of the microphone, Chrome interprets what follows as a command. […]

Instrumenting the Windows XPS Print API

Deviare can be used to add watermarks to printed documents by intercepting XPS Print API interfaces. This technique can be applied to printing jobs on virtual or physical printing devices. Get the code. The requirements are: An operating system with XPS Print API (Windows Vista SP2 with Platform Update or higher) Visual Studio 2008 with […]

64-bit Microsoft Office Applications Do Not Like Stack Walking

Our SpyStudio tool intercepts application system calls and retrieves the called functions by inspecting the call-stack. We were unable to access stack information in the last few 64-bit releases of Microsoft Office products. When we use SpyStudio to intercept an Office installation or most Office applications like Word or Excel, they start normally, but eventually exit silently. […]

Nektra and VMware are Collaborating to Simplify Application Virtualization Packaging

Nektra’s SpyStudio provides tools allowing for application harvesting and simplified packaging for the VMware ThinApp offering Nektra and VMware, Inc. have been collaborating to significantly improve the process of creating and troubleshooting VMware ThinApp application virtualization packages with the SpyStudio application. The video below shows the SpyStudio new ability to harvest applications directly from the […]

Instrumenting Microsoft SQL Server to Abort Dangerous Queries

Hernan has added a new feature to the code offered in our article SQL Server Interception and SQL Injection Attack Prevention. Now it is possible to cancel queries as well as watch them. The code sample uses the Deviare Interception Engine’s call-skipping feature to abort the execution of the CSQLSource::Execute function. The code distribution includes […]