P0C

@FlxP0C

IT Security | Reverse Engineering | Malware | Former member of | Team Lead in R&D at at day | Malware Reversing at night

/dev/random
Joined May 2010

Tweets


  1. Retweeted
    31 Jan

    I keep forgetting how to use the Python bindings for the Unicorn Engine, so I created a nice README for it. I plan to add a complete code walkthrough but for now it’s still a nice reference.
  2. Retweeted
    17 Oct 2019

    Many of you have seen in the wild and in sandboxes, but I've seen few who've had the malware move toward full domain compromise in a lab environment. Take a read and make sure your PowerShell detection is ready.
  3. 17 Aug 2019

    The Dnschess challenge was quite nice. But now my brain is fried and I need a break.
  4. Retweeted
    8 Jun 2019

    "We build our computer systems the way we build our cities: over time, without a plan, on top of ruins." — Ellen Ullman
  5. Retweeted
    2 May 2019

    The FormBook malware has a creative approach to hiding encrypted strings - it stores them in gibberish code as operands and retrieves them using a small disassembly engine. Wrote a short post about it here:
  6. Retweeted
    28 Apr 2019

    🔥 New blog: Hancitor's packer demystified 🔥: | 📖 step-by-step unpacking guide | 🧐 insight into a packer which has been used by many malware families | 🙏 h/t for sharing samples & writeups:
  7. Retweeted
    23 Apr 2019

    Post 2: we take a look at many other features of from a source code perspective, such as antivirus evasion techniques as well as secrets, unused code, and indicators buried in commented code. >> Read:
  8. Retweeted
    22 Apr 2019

    We found the full CARBANAK source code & previously unseen plugins. Our team spent 500 hours analyzing the 100,000+ lines of code. & just dropped day 1 of their 4-part blog series: Source code linked in blog. 🦈💳
  9. Retweeted
    22 Apr 2019
  10. Retweeted
    10 Apr 2019

    QScripts: a simple productivity plugin for IDA scripting ()
  11. Retweeted
    28 Mar 2019

    We just released mkYARA: a tool to generate YARA rules based on executable code, wildcarding variable values such as stack offsets, memory addresses etc.
  12. Retweeted

    I wrote a blog post on what I think it means to be a distinguished engineer or technical fellow.
  13. 22 Mar 2019

    Using IDA Python to analyze Trickbot: How to deal with encrypted strings and an IAT created during runtime in IDA Python. My latest piece on
  14. Retweeted
    21 Mar 2019

    - A new, super cool plugin we just released. A modular framework for identifying and matching open source library symbols within large binaries. Kudos to for creating it (!) Check it out.
  15. Retweeted
    18 Mar 2019

    A tutorial walking through the process of devirtualising programmes protected by VMProtect 3
  16. Retweeted
    18 Mar 2019

    Analysis of BlackMoon (Banking Trojan)'s Evolution, And The Possibility of a Latest Version Under Development
  17. Retweeted
    13 Mar 2019

    I've finally got around to completing my first post on reversing , specifically, unpacking and analyzing the first stage loader (executable): As always, all samples mentioned have been uploaded to
  18. Retweeted

    Two popular games and one gaming platform application were found having a similar backdoor planted by a group that compromised the Asian developers. Our analysis:
  19. Retweeted
    5 Feb 2019

    In latest article, we present our analysis of loader, including a few examples of sample deobfuscation using idaapi.
  20. Retweeted
    3 Jan 2019

    I wrote a piece on the career choices managers often don't realize they're making, especially around technical leadership vs organizational leadership. ✨get what the fuck you want out of your career in 2019✨
