NTCore

I know, there’s been a bit of delay, but the Explorer Suite II will soon be available. The reason there’s been so much delay is the amount of things I’ve added to the suite. Including the PE Detective and the Signature Explorer. Also, the Task Explorer has now a windows enumerating utility. But, of course, most of the news affect the CFF Explorer. Finally, support for plugins has been added. An SDK and a wizard for Visual Studio 2005 to create extensions has also been provided. A little demo plugin to use upx from the CFF Explorer is included. The Resource Viewer is now a Resource Editor with support for Vista’s PNG icons. There are many other new things, but I don’t want to say too much yet. I just wanted to say that the project is still very active and that the next version will be very satisfying, I think.

Today, I released my new article about Windows Vista and the x64 platform.

Here’s the article’s index:

– Introduction
– x64 Section
– x64 Assembly
– C/C++ Programming
– Inline Assembly
– Windows On Windows
– File System And Registry Redirection
– Interprocess Communication
– Portable Executable
– Exception Handling
– .NET Framework
– Vista Section
– Editions
– Microsoft Visual Studio
– User Account Control
– Compatibility Verification
– Obtaining Admin Rights
– Disable It
– Address Space Layout Randomization
– Driver Signing
– Patch Guard
– Attacks
– Registry Filtering
– Power Management
– .NET Framework 3.0
– Windows Presentation Foundation
– Windows Communication Foundation
– Windows Workflow Foundation
– Conclusions

I hope you enjoy the article and don’t dislike the idea of such a general overview about two really extensive subjects like x64 and Windows Vista. I noticed during the writing that I had to put a lot of images in the article and that this might be problem for slow connections. I’m sorry for that, but it’s the direct consequence of not subdividing this paper in more articles.

Today I uploaded the first official of ScreenWriter. It’s a little freeware software for the writing of screenplays for TV and cinema. It follows the standard american indentation rules and provides autocompletion for characters, places and day times. You can also export your scripts in various file formats.

I know this has nothing to do with the stuff NTCore usually is about, but it made no sense keeping the software on the computer just for myself. I wrote this software in July and just yesterday I decided to add the missing things for a first official release. I wrote it because I needed it. In fact, I didn’t feel comfortable with most commercial products, which also cost a lot of money for being most of the times programs written for windows 95. So, maybe if you are a writer yourself or know anyone who is, you could give this software a try.

Don’t worry, more NTCore’s usual stuff will be uploaded soon

In the last release of the Explorer Suite I removed the setup. This is just temporary, I have to build some new setup projects and test them throughout, because the old ones always had some problems with every new release. I hope I can add the new installers before the second version of the Explorer Suite, which seems still a long way to go. In fact, at the moment I don’t have the time to work on the Task Explorer and for the CFF Explorer VI I’ve planned a MSIL disassembler, which would be easier if I hadn’t in mind some facilities compared to ildasm.

The NTCore blog is up. Here members of NTCore can post technical material and news. The forum has been discarded because it was too hard to mantain and it wasn’t the best way to post technical information.

Yesterday, two articles by Ashkbiz Danehkar about the virtualization process have been released. Also, I updated my article about the .NET file format, with a new paragraph which explains how signatures are stored in the #Blob stream.