So recently a challenge(Layers) from 3kCTF featured control flow flattening using OLLVM. Although I did know about control flow flattening I hadn’t encountered it personally. And as I’ve been experime

In this video, we will cover instructions related to comparing the count of launch arguments in argc and also how the dereferencing of elements in the argv[] array appear in the disassembly to better understand how malware may use these values.

Using Binja…

#flutterobfuscatedapp #mobilesecurity #dartdecompilation #dartobjectpool #reverse-engineering

Hello everyone and welcome to another video on Flutter by FatalSec. In this video we are gonna learn how to deal with an obfuscated flutter application by resolving…

Two ways we can use to deliver malware on macOS silently

ivanti just pushed a patch for a Critical CVSS 9.8 Remote Code Execution Vulnerability that I reported on May 1st 2024, impacting Ivanti Endpoint Manager (EPM). in the following blog post I will be publishing the fully working unauthenticated exploit and…

Basics of WPA GUI

This comprehensive Frida course for Android dives into the powerful capabilities of Frida, a dynamic instrumentation toolkit. Designed for both beginners and advanced users, the course covers essential concepts and techniques for leveraging Frida in Android…

Reverse engineering a binary obfuscated with virtual machine obfuscation. The challenge is vmcrack from Hack The Box.

Identify and extract files from container formats using unblob. - Vector35/blob_extractor

NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support - BlackSnufkin/NyxInvoke

A few months ago, Radare2 (aka r2), an open source disassembler which can be entirely used by command line, started implementing AI plugins…