+
Reversing with Radare2
Radare2 (also known as r2) is a complete framework for reverse-engineering and analyzing binaries; composed of a set of small utilities that can be used together …
April 1, 2019
Malware Analysis Archive
+
Ghidra – Software Reverse Engineering Framework
What is GHIDRA? Ghidra is a software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate. This framework includes a suite of full-featured, …
March 12, 2019
+
ELF FILE – CHAPTER 3: DYNAMIC LINKER AND SOURCE CODE PROTECTION
Continue to research about ELF. Today I will analyze dynamic linker. Then, I will introduce some tools like obfuscator tool for ELF file. 1. DYNAMIC LINKER: …
October 18, 2018
+
ELF FILE – CHAPTER 2: RELOCATION AND DYNAMIC LINKING
In the previous chapter, I told about ELF file types, the components in ELF format and them’s struct. Today, I will show you the relocation process …
October 11, 2018
+
ELF FILE – CHAPTER 1: THE FILE FORMAT AND SOME TOOLS FOR ANALYSING
Hi, my friends. Today, I present about the ELF (Executable and Linking Format) format and introduce some tools. There are three main types of file: Relocatable …
October 4, 2018
+
New “Early Bird” Code Injection Technique
Researchers have identified what they are calling an Early Bird code injection technique used by the Iranian group APT33 to burrow the TurnedUp malware inside infected …
April 17, 2018
+
Use OllyDbg: Bypass detect debugger – IsDebuggerPresent
When you want to debug a program but it has Detect Debug mechanism so we have to do to be able to continue? In this post, …
October 4, 2017
+
ANDROID MALWARE ANALYSIS TOOL – REVERSE ENGINEERING
Dex2jar dex2jar is a tool to work with files .dex of android and file .jar of java. We can use dex2jar converter file .dex to file …
July 18, 2017