Binary Ninja 3.0 The Next Chapter (Pseudo C decompile!) https://binary.ninja/2022/01/27/3.0-the-next-chapter.html #reverse #binaryninja #dukeBarman

An experimental dynamic approach to devirtualize pure functions protected by VMProtect 3.x

https://github.com/JonathanSalwan/VMProtect-devirtualization

#reverse #vmp #vmprotect #protection #obfuscation #deobfuscation #devirtualization #sloukixnx

A Comprehensive Guide to Hooking Windows APIs with Python

https://forum.reverse4you.org/t/a-comprehensive-guide-to-hooking-windows-apis-with-python/18152

#reverse #malware #inject #hook #tips #darw1n

The FLARE Obfuscated String Solver (FLOSS) has been supporting analysts to extract hidden strings from malware samples for many years now. Over the last few months, we’ve added new functionality and improved the tool’s performance. In this blog post we will share exciting new features and improvements including a new string deobfuscation technique, simplified tool usage, and much faster result output.

https://www.mandiant.com/resources/floss-version-2

#malware #reverse #tools #SoGood0x1

Rizin v0.4.0 and Cutter v2.1.0 are here! 🥳

Rizin team:
We continue our focus on stability and performance while introducing new features, including:
- FLIRT signatures applied automatically during the analysis!
- New Intermediate Language — RzIL
https://github.com/rizinorg/rizin/releases/tag/v0.4.0

Cutter team:
Introducing exciting new features including auto-detection of common library functions, a YARA plugin to quickly create and test signatures, and many more...
https://github.com/rizinorg/cutter/releases/tag/v2.1.0

#reverse #rizin #cutter

At the beginning of 2020, we discovered the Red Unlock technique that allows extracting Intel Atom Microcode. We were able to research the internal structure of the microcode and then x86 instruction implementation. Also, we recovered a format of microcode updates, algorithm and the encryption key used to protect the microcode

https://github.com/chip-red-pill/MicrocodeDecryptor

#tools #reverse #intel #interlnals #microcode #Aligner

UserComment is a plugin to display user-added comments in disassembly and pseudocode views.

https://forum.reverse4you.org/t/usercomment-an-ida-plugin-to-show-user-added-comments/19747

#reverse #idapro #plugin

Dota 2 Under Attack: How a V8 Bug Was Exploited in the Game

https://decoded.avast.io/janvojtesek/dota-2-under-attack-how-a-v8-bug-was-exploited-in-the-game/

#gamehack #expdev #reverse #v8 #exploit

Awesome HyperDbg: A list of awesome resources about HyperDbg.

https://github.com/HyperDbg/awesome

#reverse #tools #hyperdbg

Debugging Windows Isolated User Mode (IUM) Processes

In this blog post discussed how to debug Windows' Isolated User Mode (IUM) processes, also known as Trustlets, using the virtual TPM of Microsoft Hyper-V as our target.

https://blog.quarkslab.com/debugging-windows-isolated-user-mode-ium-processes.html

#reverse #windows #trustlets

Analysis of CVE-2023-29336 Win32k Privilege Escalation Vulnerability (with POC)

https://www.numencyber.com/cve-2023-29336-win32k-analysis/

#expdev #reverse #windows #poc

Advanced Root Detection & Bypass Techniques

In this blog, we will explore techniques related to root detection on Android devices and methods to bypass it. Our main focus will be on the strategies employed by app developers to protect their applications and prevent them from running on compromised devices.

https://8ksec.io/advanced-root-detection-bypass-techniques/

#mobile #android #reverse #frida #root #detection #bypass

Use the free Microsoft bing's gpt with ida pro, to perform free analyzes!

https://github.com/p1ay8y3ar/idaBingGPTPlugin

#tools #reverse #idapro #ai

Reverse Engineering Go Binaries with Ghidra (Part 1)
https://forum.reverse4you.org/t/reverse-engineering-go-binaries-with-ghidra-part-1/20096/1

Reverse Engineering Go Binaries with Ghidra (Part 2)
https://forum.reverse4you.org/t/reverse-engineering-go-binaries-with-ghidra-part-2/20097

#reverse #ghidra #golang

Titan is a VMProtect devirtualizer

https://github.com/archercreat/titan

#tools #reverse #devirt #devirtualizer #vmp #protector

The installation package for IDA Pro 9.0 Beta 2 available without password.
https://out5.hex-rays.com/beta90_6ba923/

Forum for discussion:
https://forum.reverse4you.org/t/ida-pro-9-0-beta/20459

Chat for discussion:
https://xn--r1a.website/r0_chat/1

#tools #reverse #idapro #windows #linux #macos

DJI - The ART of obfuscation

https://blog.quarkslab.com/dji-the-art-of-obfuscation.html

#reverse #mobile #android #obfuscation

How to Bypass Golang SSL Verification

https://www.cyberark.com/resources/threat-research-blog/how-to-bypass-golang-ssl-verification

#golang #ssl #bypass #reverse #web #pentest

C++ Unwind Exception Metadata: a Hidden Reverse Engineering Bonanza

https://www.msreverseengineering.com/blog/2024/8/20/c-unwind-metadata-1

#reverse #cpp #type #reconstruction #hints

Native function and Assembly Code Invocation

https://research.checkpoint.com/2022/native-function-and-assembly-code-invocation/

#reverse #idapro