Analysing Pixelmelt's Javascript Virtualisation Obfuscation - A Research Study| Cats with power tools
A good VM is a constantly changing VM| Cats with power tools
Text obfuscation with no JavaScript? How?| Cats with power tools
JavaScript exception handling can be exploited to create non-linear code flow that confuses analysis.| Cats with power tools
Notes on virtualization obfuscation of JavaScript.| Cats with power tools
JavaScript quirks that can be used for obfuscation.| Cats with power tools
Usage of branch encryption in various obfuscation contexts.| Cats with power tools
As it turns out they don't actually want you to do this (and have some interesting ways to stop you)| Cats with power tools
This is the second part on the VirtualGuard Protector series which focuses on the virtualizat| mrT4ntr4's Blog
This part focuses more on the basic obfuscation techniques used in .Net samples such as Contr| mrT4ntr4's Blog
So recently a challenge (Layers) from 3kCTF featured control flow flattening using OLLVM. Although I did know about control flow flattening I hadn’t encountered it personally. And as I’ve been experime| mrT4ntr4's Blog
Uncover the dangers of a malicious plugin that can steal admin credentials and compromise your WordPress site security.| Sucuri Blog
Client-facing apps, by nature, contain blueprints on how to access guarded information, and these apps live in the hands of the public.| ITOps Times
As a reverse engineer, every now and then you encounter a situation where you dive deeper into the internal structures of an operating system than usual. Be it out of simple curiosity, or because you need to understand how a binary uses specific parts of the operating system in certain ways. One of the … (PEB: Where Magic Is Stored)| Malware and Stuff
In the last episode … As you’ve probably guessed, this is the second part of my journey to reverse engineer a virtual machine protected binary. If you haven’t read the first part[1], I encourage you to do so, because I will not repeat everything again here. While the first part dealt with explaining the … (Taming Virtual Machine Based Code Protection – 2)| Malware and Stuff
You probably already guessed it from the title’s name: API Hashing is used to obfuscate a binary in order to hide API names from static analysis tools, hindering a reverse engineer from understanding the malware’s functionality. A first approach to get an idea of an executable’s functionalities is to more or less dive through the … (Deobfuscating DanaBot’s API Hashing)| Malware and Stuff
Overcoming obfuscation in binaries has always been an interesting topic for me, especially in combination with malware. Over the last weeks I’ve been playing around with Virtualised Code Protection in order to see how well I could handle it. I decided to download a simple crack-me challenge which is obfuscated with this technique. It takes … (Taming Virtual Machine Based Code Protection – 1)| Malware and Stuff