unSafe.sh - Unsafe
C++ Unwind Exception Metadata: A Hidden Reverse Engineering Bonanza
Training Classes...
2024-8-23 02:52:42 | Views: 2
Blog - Möbius Strip Reverse Engineering - www.msreverseengineering.com
unwind
destructor
destructors
exn
An Exhaustively Analyzed IDB for ComLook
This blog entry announces the release of an exhaustive analysis of ComLook, a newly-discovered malwa...
2022-1-26 04:37:53 | Views: 22
www.msreverseengineering.com
analysis
rays
remote
comlook
recovered
Automation in Reverse Engineering C++ STL/Template Code
Training Classes...
2021-09-22 04:57:00 | Views: 45
www.msreverseengineering.com
reverse
stl
vec
shuffle
programmers
Hex-Rays, GetProcAddress, and Malware Analysis
This entry is about how to make the best use of IDA and Hex-Rays with regards to a common scenario i...
2021-06-02 09:10:45 | Views: 60
www.msreverseengineering.com
rays
analysis
applying
casts
evident
What is a while(2) loop in Hex-Rays?
Hex-Rays uses while(1) to represent infinite loops in the output. However, sometimes you might see w...
2021-03-04 08:59:27 | Views: 140
www.msreverseengineering.com
loops
ctree
microcode
rays
phases
An Exhaustively-Analyzed IDB for FlawedGrace
This blog entry announces the release of an exhaustive analysis of FlawedGrace. You can find the IDB...
2021-03-03 04:47:11 | Views: 134
www.msreverseengineering.com
analysis
flawedgrace
comrat
reverse
inheritance
An Exhaustively-Analyzed IDB for ComRAT v4
This blog entry announces the release of an exhaustive analysis of ComRAT v4. You can find the IDBs...
2020-09-02 01:45:00 | Views: 51
www.msreverseengineering.com
analysis
eset
reverse
comrat
rays
A Compiler Optimization involving Speculative Execution of Function Pointers
Today I discovered a neat optimization that I'd only heard about in graduate school, but had never s...
2020-05-08 10:22:33 | Views: 47
www.msreverseengineering.com
atl
ptemp
ccomobject
speculative
Automation Techniques in C++ Reverse Engineering
Here are the slides for my recent presentation at RECON, entitled "Automation Techniques in C++ Reve...
2019-08-06 10:24:33 | Views: 52
www.msreverseengineering.com
slides
rays
reverse
whereas
An Abstract Interpretation-Based Deobfuscation Plugin for Ghidra
Training Classes...
2019-04-18 11:10:27 | Views: 49
www.msreverseengineering.com
analysis
ghidra
pcode
valued
memory
Removing an Annoying Compiler Optimization with a Hex-Rays Microcode Plugin
As part of my reverse engineering work, I wrote a small plugin to deal with an optimization that had...
2019-01-23 07:39:50 | Views: 46
www.msreverseengineering.com
rays
microcode
constants
brief
A Quick Solution to an Ugly Reverse Engineering Problem
Training Classes...
2019-01-15 06:05:09 | Views: 42
www.msreverseengineering.com
rays
reverse
112kb
decompiler
assumptions
Hex-Rays CTREE API Scripting: Automated Contextual Function Renaming
Training Classes...
2018-10-10 12:19:28 | Views: 49
www.msreverseengineering.com
hexcall
rays
hexdsp
reverse
visitor
Hex-Rays Microcode API vs. Obfuscating Compiler
I wrote a guest blog entry published on Hex-Rays’ website about a project I did involving the Hex-Ra...
2018-09-19 19:28:44 | Views: 55
www.msreverseengineering.com
rays
involving
decompiler
microcode
Weekend Project: A Custom IDA Loader Module for the Hidden Bee Malware Family
Here's a half-day project that I did this weekend for my own edification. Perhaps someone will benef...
2018-09-03 08:20:19 | Views: 56
www.msreverseengineering.com
loader
relocations
bee
imports
reverse
The Atredis BlackHat 2018 CTF Challenge
Training Classes...
2018-07-25 06:27:39 | Views: 46
www.msreverseengineering.com
memory
6502
reverse
printed
jsr
Concrete and Abstract Interpretation, Explained through Chess
I've decided to release my presentation (two slide decks) on the theoretical foundations of abstract...
2018-02-27 15:00:59 | Views: 39
www.msreverseengineering.com
analysis
chess
mathematics
polishing
FinSpy VM Unpacking Tutorial Part 3: Devirtualization. Phase #4: Second Attempt at Devirtualization
[Note: if you've been linked here without context, the introduction to Part #3 describing its four p...
2018-02-22 06:15:19 | Views: 43
www.msreverseengineering.com
virtualized
seg000
finspy
FinSpy VM Unpacking Tutorial Part 3: Devirtualization. Phase #3: Fixing the Function-Related Issues
[Note: if you've been linked here without context, the introduction to Part #3 describing its four p...
2018-02-22 06:15:12 | Views: 39
www.msreverseengineering.com
virtualized
finspy
prologue
x86callout
junk
FinSpy VM Unpacking Tutorial Part 3: Devirtualization. Phase #2: First Attempt at Devirtualization
[Note: if you've been linked here without context, the introduction to Part #3 describing its four p...
2018-02-22 06:15:08 | Views: 60
www.msreverseengineering.com
seg000
machine
bytecode
finspy