When talking about editing memory, we usually think about patching code. Patching code means changing the binary code in memory for, let’s say, when you want to prove a hypothesis while debugging and you don’t have access to the source code. This is a very exciting subject, and WinDbg has the right...

Years ago I needed to debug an application that just had the binary code with no symbols or source code. To make things even more difficult, I found out the application had some kind of anti-debugger protection. After analyzing the dead listing of the application using DumpBin I discovered the trick...

This is one of my “just for fun” scripts. It’s very simple and has some limitations, but it’s fun! What does it do? Open Notepad.exe then copy and paste a text on it or just write some stuff. After that, open the script and replace the StringsToFind and StringsToReplace with the strings you want to...

First, this script is not really about cheating. It does that with Minesweeper, but there are several other possibilities using a bit more bytes that do a better job to fool the application. However, the point here is to show you how powerful the debugger is or, more precisely, the power you have...