-
Tweets70
-
Followers914
-
Following5
-
Likes50
@Farenain Great! You will have a second implementation to look at soon in miasm-rs 😉
While there are several frameworks for #reverseengineering that provide features we needed to see through Wslink’s virtual-machine-based obfuscator, we used @MiasmRe in this project simply because it’s actively maintained and we’re already familiar and satisfied with it. 4/5
@_trou_ It's more and more difficult to "manually" address problems generated by tools : 25 years ago, obfuscation, optimizations or even program size had "human size". Now, most of them are tool generated (even source code). So we also have to use tools to be able to solve them.
Little update: based on the great @NCCGroupInfosec blog post (research.nccgroup.com/2021/10/12/a-l…), we added color support for IR and ASM graph output: Thank you guys !
@MiasmRe you have a fan :) research.nccgroup.com/2021/10/12/a-l…
I finally decided to publish my complete toolset written for Tinynuke analysis You'll find config and injects grabber, dll extractors, Ghidra deobfuscation scripts and @cea_sec miasm based scripts github.com/Heat-Miser/tin… #Tinynuke #ReverseEngineering #Malware
@crackin76726107 Hum, as Miasm is a framework, I would answer "as the user has decided to implement it" :) To be honest, the picture gives nearly no clue. Is it code flattening?
@BincatLady @moyix Yes, the core algorithms are re-coded in Rust to improve speed (Jitter / Lifter / code analysis / ... ) and to clean APIs a bit :) But bindings allow python scripting currently!
@crackin76726107 Yes, you have a nice one there:
Giving the workshop on code deobfuscation was great fun. Thanks for your active participation! #HITB2021AMS Check out code, slides and samples here: github.com/mrphrazer/hitb…
@crackin10554874 Hi @crackin10554874, can you be a bit more precise for example on the Miasm gitter ? gitter.im/cea-sec/miasm
Giving the workshop on code deobfuscation was great fun. Thanks for your active participation! #HITB2021AMS Check out code, slides and samples here: github.com/mrphrazer/hitb…
Congratulation, you both succeeded in: - resolving the challenge - writing a great tutorial on how to add a custom architecture in Miasm & exploit the IR!
Writeup for FCSC CTF 2021 - 'VMV' "Defeating Nested Virtualization with @MiasmRe" mrt4ntr4.github.io/FCSC21-CTF-VMV/ I explain how to write a custom architecture in Miasm and then use some pattern detection logic to solve the challenge. This took most of my time, Hope you guys like it!
If you want to learn more about control-flow graph construction, analysis and loop detection, check out my slide deck. I also wrote a blog post on how these concepts can be easily explored with @MiasmRe. synthesis.to/2021/03/15/con…
A good example of automatic code deobfuscation based on pattern matching is stadeo by @ESET. They use @MiasmRe to automatically remove control flow flattening for the stantinko malware family. github.com/eset/stadeo
@mr_phrazer @r2gui Great workshop Tim! Hopefully, IR translation/symbolic execution/z3 translation will be nearly instantaneous in the @rust version of miasm ;)
Friday, 19:00 GMT+2 at #r2con2020: In a live coding, I will use @r2gui and @MiasmRe to automatically identify and remove opaque predicates in an APT malware sample. Check it out: rada.re/con/2020/youtu…
Emulating the NotPetya bootloader with @MiasmRe, an article by @la_F0uin3 and myself, translated from an article originally published in @MISCRedac : aguinet.github.io/blog/2020/08/2… Code available here: github.com/aguinet/miasm-…
@0xrepnz @_sudhackar For a real case symbolic execution example, here is (an old) one: miasm.re/blog/2016/09/0…
@rh0main If I don't mess up, api-ms-win-core-processthreads-l1-1-2 is not present in the ApiSet, and it's present on the disk (in the downlevel sub dir). So I definitively miss something here.
I am missing something here; On windows 10 15063: - In kernel32, IsProcessCritical is an export redirected to api-ms-win-core-processthreads-l1-1-2.IsProcessCritical - no ApiSet for this dll - in this dll, IsProcessCritical is... a redirected export to kernel32.IsProcessCritical
Thomas Roccia 🤘 @fr0gger_
35K Followers 2K Following AI Security x Threat Intel · Threat Researcher · Creator of #Unprotect & #NOVA · Malware Warlock · Python 🧡 · Prev @Microsoft @McAfee_Labs
Richard Johnson @richinseattle
19K Followers 3K Following Computer Security, Reverse Engineering, and Fuzzing; Training & Publications @ https://t.co/mloVP6rPB7; hacking the planet since 1995; Undercurrents BOFH
Axel Souchet @0vercl0k
13K Followers 583 Following ¯\_(ツ)_/¯, blogging on https://t.co/36oOc8Mgha and posting codes on https://t.co/P83Oen94Rc.
Alex Matrosov @matrosov
20K Followers 2K Following Security REsearch @Anthropicai · Breaking & Fixing AI Failure Modes | Founder @binarly_io · @SBOM_Tools · @REhints | Author “Rootkits & Bootkits" (https://t.co/1wd2dfYHY6)
Ange @angealbertini
25K Followers 917 Following Reverse engineer, file formats expert. Corkami, CPS2Shock, PoC||GTFO, Sha1tered, Magika... Security engineer @ Google. He/him.
Adrien Guinet @adriengnt
3K Followers 926 Following LLVM, C++, binary analysis and cryptography with 🧐 Also on @[email protected]
Romain THOMAS @rh0main
4K Followers 944 Following No longer here. https://t.co/7pANImx70w https://t.co/uhAhqoJWhH https://t.co/9MSpkLkKPz
Hash Miser @H_Miser
9K Followers 1K Following Internet janitor, #CERT #BlueTeam and Whisk(e)y enthusiast "Everything you do is useless ! Enjoy 🍻" [email protected] https://t.co/pBOfukJZJi
Jiří Vinopal @vinopaljiri
10K Followers 565 Following Threat Researcher at Check Point @_CPResearch_ All opinions expressed here are mine only. https://t.co/iWvwWF1AnN
lanadelreyslefthood @mooofinnn
308 Followers 985 Following Digital forensics with lil-@l3akctf; lana del rey stan account !
Byte Bear @0xBtyeBear
0 Followers 12 Following
︎ @0xocdsec
4K Followers 8K Following ︎ 🏴☠️ 🇪🇺 💚 🇺🇦 | computers & features | 💚 🏴☠️ party | 603,628 km² https://t.co/F5dgX7AEoL
AVA @a1v7a9
6 Followers 1K Following
BlueEye @BlueEye46572843
773 Followers 947 Following Security research @GroupIB . Interested in #APT research and targeted #malware. @GroupIB_TI Opinions are my own not of my employer.
Ryan Tsang @rchtsang
4 Followers 52 Following ECE PhD Student @ UC Davis Embedded Systems and Firmware Security
Hans Fischer @HansFischer4368
1 Followers 507 Following Infosec, Entrepreneur, Lifestyle Coach, Food Enjoyer, Business Angel, Web Surfer, Air Breather, Author, Philantropist, CEO of Cyber, Artist, Crypto Investor
Leandro Fróes @leandrofr0es
426 Followers 985 Following Reverse Engineer & Developer | @MenteBinaria | Opinions are my own.
Antoussaka @antoussaka
26 Followers 2K Following
Researcher @bh_secresearch
0 Followers 8 Following
Michael @CalnetMike
6 Followers 393 Following
Ripsough @ripsough15280
11 Followers 1K Following
rbx @sadc0der
61 Followers 165 Following A single dream is more powerful than a thousand realities. https://t.co/L7L9P4W7Bs
SealOSRS @SealOSRS
98 Followers 615 Following Twitch Affiliate at https://t.co/CNQW2kZiwE | Pet hunting (22/51) on a zerker. Trying to actually get good at this game.
GossipSec @gossipsec
13 Followers 1K Following
Belsazar @VirtualBelsazar
67 Followers 237 Following
itewqq @lyq_sqsp
2K Followers 688 Following Security researcher @DarknavyOrg. CTF player @0ops_ctf. Somehow got a PhD on hardware stuff @SJTU1896. Opinions/Shitposts are my own.
Cirdo @MrCirdo
28 Followers 480 Following
Squeamish Ossifrage @sqmshossifrage
7 Followers 284 Following hardware hacker by day mathematician by night
race0 @61617469665f736
90 Followers 778 Following
RF_ReadOnly @ReadonlyRf
2 Followers 535 Following
Erwan Grelet @ergrelet
710 Followers 240 Following Fond of reverse engineering and software development. Doing security engineering at some company. 🐘: @[email protected] 🦋: @ergrelet.bsky.social
0r3ak @0xTback
78 Followers 982 Following
Luca Giardullo @GiardulloLuca
3 Followers 2K Following
h3kt0r_ @h3kt0r_
84 Followers 2K Following h3kt0r_ is no Trojan ... At the moment doing cyber things in IT and OT. Other stuff is Wetware Hacking and Big Data 🔮🔬mostly in medical research.
K Feiszt @feiszt
26 Followers 737 Following
重黎 @zhongli23333
47 Followers 1K Following
Hypercall @Hypercall3
13 Followers 58 Following
Icefrog2000 @Frog2000I
15 Followers 483 Following
Cristian Cantos @kriwarez
1K Followers 3K Following AI Prompter @kriwareAI. Security Analyst at @layakk. Staff at @rootedcon YouTube: https://t.co/u8DirnFlCh
cnanyu @cnanyu_sec
2 Followers 78 Following
@schy @A5chy
81 Followers 708 Following Those who want to success, find the means, others find excuses.
0xmrk @0xm4rc
787 Followers 3K Following
usul_fremen @usul_fremen
35 Followers 447 Following
Ccccccccvm @Cccccccccvm
2 Followers 114 Following
Florent Monjalet @fmonjalet
70 Followers 73 Following
Pierre @pi3rre
958 Followers 3K Following IT / network security (@IvreRocks, #scapy), photography, politics. Mastodon: @[email protected]
Kostya Kortchinsky @crypt0ad
8K Followers 139 Following 🇫🇷 grep'ing for memcpy() since 2002AD. Currently @ Databricks. Formerly GOOG, MSFT. Tweets are my own, and sometimes attempts at being funny.You might like
