Malware Development

How I discovered a DLL hijacking vulnerability in CactusViewer v2.3.0, built a proof of concept, and submitted it for a CVE ID.

Introduction A PE (Portable Executable) file is the format Windows uses for executables (.exe), DLLs (.dll), and other binary files. If you want to understand how Windows works under the hood, whether for malware analysis, reverse engineering, or offensive security, understanding PE structure is essential. In this post, I’ll walk through building a PE parser from scratch in C, explaining each component along the way. What is a PE File? Every time you run a program on Windows, the OS loader reads the PE file and maps it into memory. The PE format tells Windows: ...