Felix Bilstein

A new set of auto-generated rules (courtesy of@fxb_b) has been published to Malpedia and GitHub. It includes 1460 updated rules and 136 new additions.

I have just published a new data set revision of MalpediaFLOSSed, now aggregating 5.6m unique strings gathered from 2.100 malware families. github.com/malpedia/malpe…

Here's a 2025 Malpedia recap for you: malpedia.caad.fkie.fraunhofer.de/recap/2025

I have spent way too much time on writing this #GootLoader JS unpacker and C2 extractor with abstract syntax tree manipulation. 🌳 But I could not stop at having it half done and this malware has 6 layers. I am sorry for the terrible code. github.com/struppigel/hed…

Awesome project by malpedia creator @push_pnx presented at VB2023 Applied one-to-many code similarity analysis using MCRIT Talk: youtube.com/watch?v=CMu1r5…

Extractor updated 🎉 Should now support recent #DarkGate samples and can dump complete config and strings. Still some more Ghidra sessions needed to find out what all the new flags do 😂 github.com/telekom-securi…

I wrote a blog on new features in the IDA plugin for MCRIT, most notably being able to query basic blocks or the whole currently viewed function against a dataset like Malpedia in mere seconds, making it viable as a live companion while analyzing malware.

@mec314 As a follow-up to my previous response, I have now started populating another Github repo with ready-to-use reference data: github.com/danielplohmann… I'm currently running automated extraction for all available MinGW versions and back-process my MSVC symbols for a first milestone.

Another iteration of the YARA-Signator rule set has been generated by @fxb_b and has been published to Malpedia and GitHub. It includes 1273 updated rules and 44 new additions.

I wrote a tool to find #YARA matches in #Ghidra using #Ghidrathon and Python, get it here! 👇 gist.github.com/c3rb3ru5d3d53c…

I wrote a short blog post on MCRIT, the one-to-many code similarity analysis framework that we released as open source recently at @Botconf.

We live in the automation era, recently I played with one of my favorite tools @radareorg main developers Mr. @trufae to automate the #malware analysis using it with @OpenAI

After years of hard work, we finally open-sourced Wattson, our research testbed for investigating and analyzing the effects of cyberattacks on power grids: github.com/fkie-cad/watts… Kudos to @bader_lennart and team @RWTH @Fraunhofer_FKIE @Fraunhofer_FIT

The first commit of x64dbg was 10 years ago today (2013-05-19). Writing a retrospective is harder than I thought, but here is a screenshot of the first version as a sneak peak. Thanks to everybody in the community for the support over the years! Duncan

We just published a new iteration of the YARA-Signator rule set has been generated by @fxb_b and published it to Malpedia and GitHub. It includes 1272 updated rules with 33 new additions.

I was always searching for a cool open source replacement for the 010 Editor. Since I rarely need it, buying it seemed a waste. But it seems my search is at an end. A colleage just send me github.com/WerWolv/ImHex and the first impression is great!

After a great boat ride in the Rhine last night the Forensic Rodeo took place courtesy of the NFI Forensic Rodeo team! Congratulations to the winning team JimmyThreePockets 🥇🥇 #DFRWSEU2023 #DFIR

2023 Global Threat Report - by @CrowdStrike "2022 was a year of explosive, adaptive and damaging threats. Adversaries continue to be relentless in their attacks as they become faster and more sophisticated." crowdstrike.com/global-threat-… #dailydarkweb #cybersecurity

Cool blog post by Karsten König (@CrowdStrike) showing how to modify an existing Linux kernel exploit (CVE-2021-3490) to achieve container escape crowdstrike.com/blog/exploitin…

[THREAD] Finding the real IP of a Cloudflare-hidden website has always been challenging. There are interesting tools out there such as fav-up, written by @noneprivacy, which leverages Shodan to find the real IP address via a favicon lookup. However, you can often find the IP...