Ayoub Faouzi

Ayoub Faouzi is interested to computer viruses and reverse engineering, In the first hand, he likes to study PE packers and protectors, and write security tools. In the other hand, he enjoys coding in python and assembly.

Articles from Ayoub Faouzi

X86 Assembly Language, Part 3.2 [Updated 2019]

August 30, 2019

- Ge! Stop! What's Segmentation? Memory segmentation The 80186 is a faster version of the 8086. It also has a 20-bit address bus and 16-bit data bus,

Learn More

Beta Bot Analysis: Part 2

October 1, 2015

Extracting the Botnet Configuration: The bot configuration is encrypted inside the bot and decrypted while the bot is running. In 1.0.2.5, 1.5 and 1.6 versi

Learn More

Andromeda Bot Analysis part 2

September 28, 2015

Bot Analysis: Now, you get the original Andromeda build file. Load the unpacked sample at OllyDBG. As before, after the stack frame at the EP, you see that t

Learn More

Andromeda Bot Analysis part 1

September 25, 2015

Introduction: Andromeda, also known as Win32/Gamarue, is an HTTP based botnet. It was first spotted in late 2011, and is still at this moment used a lot in h

Learn More

Asprox / Kuluoz Botnet Analysis

June 5, 2015

Introduction Kuluoz, aka Asprox, is a spam botnet that emerged in 2007. It has been known for sending mass of phishing emails used in conjunction with social

Learn More

X86 Assembly Language, Part 3.1

October 23, 2012

For part 2 of this series, please click here. Programming in a high-level language does not require a detailed knowledge of the system hardware. Assembly la

Learn More

Getting Your Hands Dirty in x86 Assembly Code

September 28, 2012

For those of you who have been following my eventful career, you already know that this is actually my second published tutorial. Just to bring you up to dat

Learn More