This is the single place where I collect my adventures into ReactOS, Rust, and low-level system software, write about them, and release some tools from time to time.
Hope you find something useful here :)
Welcome to the second part of my blog series on the Windows driver load order. Good to see that you made it up to here. After the preparations in my last post, we are now finally equipped with all necessary tools to analyze the load order and develop a compatible sorting algorithm …
There are close to zero reasons to reverse-engineer the Windows driver load order. Which is exactly why I’m doing it. And if you are as crazy as me and want to write a Windows bootloader in Rust, you inevitably need to deal with this topic. Likewise, if you want to know what happens under the hood when booting …
Industrial Control Systems have long evolved from specialized electronics communicating over proprietary bus systems to fully-fledged embedded computers based on commodity Ethernet connections. The Stuxnet computer worm of 2010 demonstrated to the general public that this development makes Industrial Control Systems …
At ENLYZE we need to deal with operating systems from the last century on customer machines everyday. No matter whether it’s something “simple” like Windows 2000 running on an operator touch panel (“HMI”) or something peculiar like QNX 4 controlling a production machine: If they handle …
The next building block for my bootloader project is ready! nt-apiset is a parser written in Rust for the API Set Map files of Windows 10 and later versions. API Sets are dependencies of PE executables whose names start with “api-” or “ext-”, e.g. api-ms-win-core-sysinfo-l1-1-0 …
This release was not planned. I actually wanted to write a parser for Windows apiset DLLs, but quickly found myself implementing the umpteenth string type to handle Windows UTF-16 characters. After having done that work once for nt-hive and another time for ntfs, it was time to refactor the common parts into a crate …
Around two months ago, the Team82 research group at Claroty disclosed a critical vulnerability in Siemens current S7-1200/S7-1500 series of PLCs. This is the next issue in a series of recent disclosures on the security of these ubiquitous logic controllers. What’s different this time is the whopping CVSS severity …
I recently attended the first ever EuroRust in Berlin from 13th to 14th October. I have been eagerly looking for such a dedicated European conference on Rust, but my previous Google searches were all in vain - and always ended up here. Glad that’s no longer the case :)
At EuroRust, I had the opportunity to speak …
After the ENLYZE PortSniffer in 2020, I’m glad to announce that another tool I developed at ENLYZE has just been released as open-source.
The ENLYZE S7-Project-Explorer is a Windows application to explore Siemens STEP 7 projects and export a complete PLC variable list as a CSV table. This solves our recurring …
On my quest to develop a ReactOS/Windows bootloader in Rust, I inevitably had to stumble upon the infamous LIST_ENTRY structure used in the LOADER_PARAMETER_BLOCK. This is what Windows, Windows drivers, and components influenced by Windows (e.g. UEFI) have been using for a long time to uniformly handle linked lists …