Zenyard

26 posts

Zenyard banner
Zenyard

Zenyard

@Zenyard_ai

Your Unfair Advantage in Reverse Engineering

Katılım Şubat 2026
6 Takip Edilen17 Takipçiler
Zenyard
Zenyard@Zenyard_ai·
Many binaries don't tell the whole story in one file. But most analysis still happens one file at a time. The overhead of stitching context across DLLs manually is one of the most underappreciated costs in reversing.
Zenyard tweet media
English
0
0
1
18
Zenyard
Zenyard@Zenyard_ai·
Frontier vs. open-source for binary analysis: Frontier wins on deep reasoning tasks. Open-source wins on speed, cost, and staying inside your network. Most reversing workflows need both. The skill is knowing which task goes where.
Zenyard tweet media
English
0
0
0
39
Zenyard
Zenyard@Zenyard_ai·
REcon is tomorrow We'll be there talking about running reversing agents that don't lose the plot halfway through a stripped binary. Find us. #REcon2026
Zenyard tweet media
English
0
0
1
107
Zenyard
Zenyard@Zenyard_ai·
Zenyard is coming to Binary Ninja. 🥷 Binary Ninja has become home to some of the most innovative researchers in the space and it was just a matter of time before we launched here. Kyle Martin from @vector35 , Yuval Luria and Ziv Brandstein from Zenyard on June 24th for a live stream. We'll show the full workflow on a real target: whole-binary analysis, renaming across the entire file, multi-file analysis and asking the agent questions grounded in full-binary understanding. 👉 youtube.com/live/JG15oxrWg…
YouTube video
YouTube
Zenyard tweet media
English
0
1
9
845
Zenyard
Zenyard@Zenyard_ai·
@reconmtl is next week in Montreal. One of the few conferences where people talk about what AI actually does to a stripped binary. We'll be there to talk about running reversing agents you can actually trust. How to use the right model for every task, how to analyze multiple files, and how to get answers from an agent that has context across the whole file. If you're going, let's meet.
Zenyard tweet media
English
0
0
2
26
Zenyard
Zenyard@Zenyard_ai·
Frontier models are powerful. They're also the wrong tool for most tasks inside a binary analysis workflow. One 50MB sample, analyzed end to end with a frontier LLM: slow, expensive, and still needs manual verification. Break it into focused tasks. Route each to the right model. The cost drops by ~10x. That's how Zenyard works.
Zenyard tweet media
English
0
1
1
56
Zenyard
Zenyard@Zenyard_ai·
The launcher also adds immediate hostname beaconing to an AWS Lambda endpoint with a fixed User-Agent: linpeas. Full analysis: zenyard.ai/blog/pipe-fed-…
English
0
0
0
31
Zenyard
Zenyard@Zenyard_ai·
Zenyard Agent analyzed a Go-compiled Linux launcher that embeds LinPEAS-ng, decodes it at runtime, and feeds it into a shell over stdin. The payload runs without a dropped script or temporary second-stage file.
Zenyard tweet media
English
1
0
1
60
Zenyard
Zenyard@Zenyard_ai·
Zenyard Agent analyzed NeTiS beyond propagation. Old-school botnet logic is easier to recognize. Cloudflare-aware beaconing is harder to ignore: browser-shaped HTTP behavior that parses and reuses cf_clearance cookies.
Zenyard tweet media
English
1
0
2
74
Zenyard
Zenyard@Zenyard_ai·
We gave Zenyard Agent a MIPS ELF with no prior context. It uncovered how one infected device can stage payloads across 9 architecture families, cycle through fallback downloaders, kill rival processes, masquerade as httpd, and prepare encrypted C2.
Zenyard tweet media
English
1
0
1
38
Zenyard
Zenyard@Zenyard_ai·
Full breakdown on where MCP-style reversing workflows break down, and why tool access alone is not enough for reliable binary analysis: zenyard.ai/blog/mcp-rever…
English
0
0
0
23
Zenyard
Zenyard@Zenyard_ai·
Connecting an LLM to a decompiler can speed up local checks. But tool access alone does not create binary understanding. The hard part is building and maintaining context across functions, structures, call chains, and missing information.
Zenyard tweet media
English
1
0
1
32
Zenyard
Zenyard@Zenyard_ai·
The analysis follows the RAT into its decryption layers, C2 protocol, attribution boundaries, and detection opportunities. Full analysis: zenyard.ai/blog/environme…
English
0
0
0
30
Zenyard
Zenyard@Zenyard_ai·
Zenyard Agent analyzed the RAT beyond unpacking and into its custom decryption layers and raw TCP protocol. Every generated session tag ended with the low byte 0x99, giving defenders a stable protocol-level hunting pivot.
Zenyard tweet media
English
1
0
3
115
Zenyard
Zenyard@Zenyard_ai·
We gave Zenyard Agent a Petite-packed VB6 RAT with no prior context. It uncovered reflective staging, self-modifying code, SIDT inspection, interrupt traps, FPU validation, segment-register abuse, and port 0x4F probing.
Zenyard tweet media
English
1
1
2
38
Zenyard
Zenyard@Zenyard_ai·
This sample does not rely on one signal. Not one file, not one process, not one network indicator. We focused on what actually persists across execution. Wrapper structure, resource tampering, and protocol behavior. Full breakdown: zenyard.ai/blog/symbiote-… #MalwareAnalysis
Zenyard tweet media
English
0
0
1
19
Zenyard
Zenyard@Zenyard_ai·
How is Zenyard Agent different from MCP? 🤔 MCP workflows struggle with real binaries. They operate on snippets, lose context, and tend to hallucinate. Zenyard Agent analyzes entire binaries end to end and keeps explanations grounded in full context. zenyard.ai/why-zenyard
Zenyard tweet media
English
0
0
0
16