Below, we compare different ways of intercepting network packets, and of filtering and analyzing their content to see if kernel drivers which use NDIS and WFP frameworks perform better than WinPcap. We tested the performance of each method. See table. Testing We measured network bandwidth after applying a basic filter which: Intercepts all packets Verifies […]
In June, 2015 there was an alarming bit of news when people over at the Debian project realized that Chromium silently downloaded a closed source NaCl binary extension. It was the hotword extension which implements speech recognition techniques. When someone says “OK Google” within range of the microphone, Chrome interprets what follows as a command. […]
Our Data Loss Prevention Development team used Deviare to add watermarks to printed documents by intercepting XPS Print API interfaces. This technique can be applied to all printing jobs on virtual or physical printing devices. Get the code. The requirements are: An operating system with XPS Print API (Windows Vista SP2 with Platform Update or higher) Visual […]
RemoteBridge is now open source and available on GitHub as are Deviare Hooking Engine and Deviare-InProc. RemoteBridge allows you to access the COM and Java objects instanced in a process as if they were your own object instances. You can access their methods, properties and events from your own application. It is implemented as a COM […]
We have good news for those interested in Windows Hooking. Deviare Hooking Engine is now open source and available on GitHub. The license is GPL but a commercial license and support are also available for users who want to distribute closed-source products based on Deviare. Our other open source hooking product, Deviare In-Proc, now supports […]
Deviare 101 Part 1 Welcome to the first installment of Deviare 101. In this article, we’ll explain how to use Deviare’s Reg-Free COM capability to easily deploy applications on end-user machines. This guide uses Visual Studio 2013 but can also be followed on earlier versions. The Manifest File Reg-Free COM requires an XML file called […]
A customer asked to develop a solution to prevent data leaks of their databases. Hernan has added a new feature to the code offered in our article SQL Server Interception and SQL Injection Attack Prevention. Now it is possible to cancel queries as well as watch them. The code sample uses the Deviare Interception Engine’s […]
You can download our free Outlook Add-In for Google Drive to sample our Outlook managed file transfer services. Several issues arise when sending large files with Outlook: there is a data overhead for each binary attachments sent via SMTP, Microsoft Exchange limits the size of attachments, and servers often have e-mail quotas. In Integrating Dropbox with Microsoft […]
Zero day vulnerabilities put organizations at the mercy of vendors. These vulnerabilities are like a ticking bomb: you do not know when someone will exploit them. Writing your own patch for closed source applications is, in most cases, a complex mission that can take even longer than the vendor solution. When you use legacy software […]
Today Manuel Fernandez is presenting HookME at Black Hat USA Arsenal 2013. HookME is software designed for intercepting communications which uses the Nektra Deviare Engine for binary instrumentation. HookME can intercept unencrypted HTTPS web traffic. Many different proxy servers are used to intercept HTTP traffic. Fiddler is the most popular one for generic purposes. Burp Proxy is the leader for security testing. […]