Shak Reiner

My recent research in collaboration with @IntezerLabs has just been published! We mapped the Russian APT ecosystem by gathering and classifying thousands of malicious samples to detect and analyze code similarities between them. Check it out @ https://research.checkpoint.com/russianaptecosystem …pic.twitter.com/SFUUA1Q96O

We just released Cutter v1.9 on #r2con2019 with a HUGE surprise - a full integration of Ghidra decompiler in Cutter! Download v1.9 with the Decompiler from https://cutter.re  For more info, keep reading >>pic.twitter.com/MC9eeDdyRi

This made me laugh sooo hard BEST FESTIVAL EVER!pic.twitter.com/Cb0YdyCrPa

At #ArkCon 2019, learn how to reverse an RDP attack. @EyalItkin of @_CPResearch_ shares how he broke the 3 most popular RDP clients: http://bit.ly/2THPaTW  #pwned #threatresearchpic.twitter.com/I05nobDqCL

What #BackSwap malware has to do with The Legend of Zelda, Scarface, Putin and Cartman? My exhaustive analysis of BackSwap was just published! + Bonus: radare2 (@radareorg) python script to extract and decrypt its shellcode and web-injects! Check it out @ https://research.checkpoint.com/the-evolution-of-backswap …pic.twitter.com/0LLNbJqa52

Just published the 2nd part of my analysis of APT33's Dropshot malware! We'll use Cutter (@r2gui) and radare2 to understand Dropshot's Anti-Emulation techniques and will decrypt its payload using @radareorg Python API. Check it out @ https://www.megabeets.net/decrypting-dropshot-with-radare2-and-cutter-part-2/ …pic.twitter.com/f1pTAglupJ

Who said radare2 doesn't have a decent GUI? | Decrypting the encrypted strings of APT33's Dropshot malware using Cutter (@r2gui) and @radareorg's Python API. Check it out @ https://www.megabeets.net/decrypting-dropshot-with-radare2-and-cutter-part-1 …pic.twitter.com/8loEAG07IW

Now it is super easy to convert your IDA IDB to a radare2 initialization script! Just use the improved http://idb2r2.py  script and that's all! :) https://github.com/radare/radare2ida/blob/master/ida2r2/idb2r2.py … | @radareorgpic.twitter.com/8PqOlG9DFW

Teaser: Static unpacking and string decoding of APT33's Dropshot/StoneDrill malware using Cutter (@r2gui) and radare2 Python API. Soon to be published on https://www.megabeets.net . @radareorgpic.twitter.com/XN90gK9vKZ

It took awhile but it's finally here – Reversing a Self-Modifying Binary with the almighty radare2! Check it out @ https://www.megabeets.net/reversing-a-self-modifying-binary-with-radare2 … @radareorg #radare2pic.twitter.com/YCipzGaWGE

Let's use radare2 to reverse engineer a Gameboy ROM! Check it out @ https://www.megabeets.net/reverse-engineering-a-gameboy-rom-with-radare2 … @radareorg #radare2pic.twitter.com/7FJOB3SdKS