Zenyard
26 posts

Zenyard
@Zenyard_ai
Your Unfair Advantage in Reverse Engineering
Katılım Şubat 2026
6 Takip Edilen17 Takipçiler

REcon is tomorrow
We'll be there talking about running reversing agents that don't lose the plot halfway through a stripped binary.
Find us. #REcon2026

English

Zenyard is coming to Binary Ninja. 🥷
Binary Ninja has become home to some of the most innovative researchers in the space and it was just a matter of time before we launched here.
Kyle Martin from @vector35 , Yuval Luria and Ziv Brandstein from Zenyard on June 24th for a live stream.
We'll show the full workflow on a real target: whole-binary analysis, renaming across the entire file, multi-file analysis and asking the agent questions grounded in full-binary understanding.
👉 youtube.com/live/JG15oxrWg…

YouTube

English

@reconmtl is next week in Montreal.
One of the few conferences where people talk about what AI actually does to a stripped binary.
We'll be there to talk about running reversing agents you can actually trust. How to use the right model for every task, how to analyze multiple files, and how to get answers from an agent that has context across the whole file.
If you're going, let's meet.

English

Frontier models are powerful. They're also the wrong tool for most tasks inside a binary analysis workflow.
One 50MB sample, analyzed end to end with a frontier LLM: slow, expensive, and still needs manual verification.
Break it into focused tasks. Route each to the right model. The cost drops by ~10x.
That's how Zenyard works.

English

The launcher also adds immediate hostname beaconing to an AWS Lambda endpoint with a fixed User-Agent: linpeas.
Full analysis: zenyard.ai/blog/pipe-fed-…
English

Part 2 follows NeTiS into encrypted C2 and Cloudflare-aware beaconing.
Full analysis: zenyard.ai/blog/netis-clo…
English

NeTiS shows how a MIPS IoT bot can become a launchpad for a mixed-architecture fleet.
Read Part 1: zenyard.ai/blog/netis-iot…
English

Full breakdown on where MCP-style reversing workflows break down, and why tool access alone is not enough for reliable binary analysis: zenyard.ai/blog/mcp-rever…
English

The analysis follows the RAT into its decryption layers, C2 protocol, attribution boundaries, and detection opportunities.
Full analysis: zenyard.ai/blog/environme…
English

The key point: changing runtime conditions can change what the malware decrypts.
Full analysis: zenyard.ai/blog/environme…
English

This sample does not rely on one signal. Not one file, not one process, not one network indicator. We focused on what actually persists across execution. Wrapper structure, resource tampering, and protocol behavior.
Full breakdown: zenyard.ai/blog/symbiote-…
#MalwareAnalysis

English

How is Zenyard Agent different from MCP? 🤔
MCP workflows struggle with real binaries. They operate on snippets, lose context, and tend to hallucinate. Zenyard Agent analyzes entire binaries end to end and keeps explanations grounded in full context.
zenyard.ai/why-zenyard

English







