Binary Ninja 3.0 The Next Chapter (Pseudo C decompile!) https://binary.ninja/2022/01/27/3.0-the-next-chapter.html #reverse #binaryninja #dukeBarman
Binary Ninja is a modern reverse engineering platform with a scriptable and extensible decompiler.
An experimental dynamic approach to devirtualize pure functions protected by VMProtect 3.x
https://github.com/JonathanSalwan/VMProtect-devirtualization
#reverse #vmp #vmprotect #protection #obfuscation #deobfuscation #devirtualization #sloukixnx
Playing with the VMProtect software protection. Automatic deobfuscation of pure functions using symbolic execution and LLVM. - JonathanSalwan/VMProtect-devirtualization
A Comprehensive Guide to Hooking Windows APIs with Python
https://forum.reverse4you.org/t/a-comprehensive-guide-to-hooking-windows-apis-with-python/18152
#reverse #malware #inject #hook #tips #darw1n
Developers apply API hooking practices to better understand how a system works, alter the behavior of an operating system or an application, detect malicious code, and build strong products. The majority of guides and tutorials on Windows API hooking are…
The FLARE Obfuscated String Solver (FLOSS) has been supporting analysts to extract hidden strings from malware samples for many years now. Over the last few months, we've added new functionality and improved the tool's performance. In this blog post we will share exciting new features and improvements including a new string deobfuscation technique, simplified tool usage, and much faster result output.
https://www.mandiant.com/resources/floss-version-2
#malware #reverse #tools #SoGood0x1
FLOSS Version 2.0 | Mandiant | Google Cloud Blog
Rizin v0.4.0 and Cutter v2.1.0 are here! 🥳
Rizin team:
We continue our focus on stability and performance while introducing new features, including:
- FLIRT signatures applied automatically during the analysis!
- New Intermediate Language - RzIL
https://github.com/rizinorg/rizin/releases/tag/v0.4.0
Cutter team:
Introducing exciting new features including auto-detection of common library functions, a YARA plugin to quickly create and test signatures, and many more...
https://github.com/rizinorg/cutter/releases/tag/v2.1.0
#reverse #rizin #cutter
Here we are again with a new release of Rizin, v0.4.0. We are still in the v0.y.z realm, but we are getting closer and closer to what we can consider our first stable release v1.0.0, with fully wor...
At the beginning of 2020, we discovered the Red Unlock technique that allows extracting Intel Atom Microcode. We were able to research the internal structure of the microcode and then x86 instruction implementation. Also, we recovered a format of microcode updates, algorithm and the encryption key used to protect the microcode
https://github.com/chip-red-pill/MicrocodeDecryptor
#tools #reverse #intel #interlnals #microcode #Aligner
UserComment is a plugin to display user-added comments in disassembly and pseudocode views.
https://forum.reverse4you.org/t/usercomment-an-ida-plugin-to-show-user-added-comments/19747
#reverse #idapro #plugin
UserComment: An IDA plugin to show user-added comments
UserComment is a plugin to display user-added comments in disassembly and pseudocode views. Provides a comment window, displaying user-added comments, including comments in assembly code and pseudocode. Support for different types of comments (common comments…