SpyStudio Is Now Free: Create and Troubleshoot Application Packages for Windows

SpyStudio is now free and available for download here. It is a Swiss Army knife for cyber security analysts, DevOps, QA engineers, and developers. You can take a look at the articles “Nektra and VMware are Collaborating to Simplify Application Virtualization Packaging” and “How Nektra Improved Desktop Virtualization for Symantec Corporation” to see how big […]

64-bit Microsoft Office Applications Do Not Like Stack Walking

Our Office plugin development team was researching some problems with Office and they found this problem. Our SpyStudio tool intercepts application system calls and retrieves the called functions by inspecting the call-stack. We were unable to access stack information in the last few 64-bit releases of Microsoft Office products. When we use SpyStudio to intercept an Office […]

Abort Microsoft SQL Server Dangerous Queries

A customer asked to develop a solution to prevent data leaks of their databases. Hernan has added a new feature to the code offered in our article SQL Server Interception and SQL Injection Attack Prevention. Now it is possible to cancel queries as well as watch them. The code sample uses the Deviare Interception Engine’s […]

Capturing Unencrypted HTTPS Requests and Responses (As Seen at BlackHat Arsenal)

Today Manuel Fernandez is presenting HookME at Black Hat USA Arsenal 2013. HookME is software designed for intercepting communications which uses the Nektra Deviare Engine for binary instrumentation. HookME can intercept unencrypted HTTPS web traffic. Many different proxy servers are used to intercept HTTP traffic. Fiddler is the most popular one for generic purposes. Burp Proxy is the leader for security testing. […]

Instrumenting Direct3D Applications to Capture Video and Calculate FPS

What is your computer’s maximum render quality, resolution, and frames per second for Battlefield 3? Hard core gamers are eager to show off their expensive, tuned setup at its full potential. Overclocked processors and computers cooled with liquid hydrogen are lovely parts of the gaming folklore. The source code below instruments Direct3D 9 applications to […]

SQL Server Interception and SQL Injection Attack Prevention

Note: we updated the code on August 23, 2013. The new code includes an “abort” feature, discussed in the article Instrumenting Microsoft SQL Server to Abort Dangerous Queries. Our Deviare hooking engine can be used to hook into Microsoft SQL Server 2012 RTM (11.00.2100.60) and 2014 CTP1 queries at the application level. Tools like WireShark use a […]