Written by L. Piper and Cat Self.

Yesterday, as a part of a challenge in one CTF competition, I had to analyze a modified sample of AsyncRAT. I will try to avoid any spoilers, however, I wanted to decode and decrypt strings from AsyncRAT configuration settings.
AsyncRAT is written in C#,…

VSS Hardware Hacking Wiki and Blog Entries

XWorm is a multi-purpose malware family, commonly used as RAT. This post contains a detailed analysis and walk-through the reverse-engineering process.

Offensive Lua. Contribute to hackerhouse-opensource/OffensiveLua development by creating an account on GitHub.

RedLine Stealer is an infamous malware strain that provides cyber-criminals with a reliable payload for stealing sensitive information from…

A Deep Dive Into “DLLHOST.EXE”

In-Depth Control-Flow-Flattening Analysis

Python bindings for BochsCPU. Contribute to hugsy/bochscpu-python development by creating an account on GitHub.

(S6:E57) Secret Handshake A Mutual TLS Based C2 Communication Channel - John Conwell - CypherCon 6.0 - Wisconsin

Secret Handshake A Mutual TLS Based C2 Communication Channel

One of the goals of malware command & control (C2) communication is to blend into…

In this series of posts, I will try to cover all the common knowledge you would need to create your PE bin2bin obfuscator. This year I saw a rise of interest in the topics of software obfuscation and deobfuscation, yet I didn’t see any new open-source projects…

Manual identification, decryption and fixing of encrypted strings using Ghidra and x32dbg.