d35ha

🎙️ The next episode of Behind the Binary is here! In this episode we wrap up FLARE-On 12. We chat with several challenge authors (including the final challenge), discuss some creative cheating, and look at the impact of AI on the CtF 👇 open.spotify.com/episode/4jPPhf…

this is cool: Internet Detector changes the background of your malware analysis VM if you forget to re-enable "host only mode". security.googlecloudcommunity.com/community-blog…

That's a wrap #flareon12 read the official solutions and see the prize here: security.googlecloudcommunity.com/community-blog…

One day to go! #flareon12 Here's a breakdown of the current registered users and challenge solve counts.

FLARE-VM just got a serious upgrade — new GUI, automated builds, and 288+ tools (with better IDA + Go support). The latest update brings: 🧰 Revamped installer ⚙️ New Python script for full VM automation 📚 (cont) bit.ly/48VetqY

⏲️ 1 week out! Flare-On 12 kicks off next Friday, Sept. 26, at 8 PM EST. It's time to prove your #ReverseEngineering skills in this ultimate annual challenge. 🎮 Catch it live here 👉 bit.ly/3I6yLDf

Tick, tock! ⏰ The countdown is on—just 1 month until Flare-On 12 drops! Test your #ReverseEngineering skills starting Sept 26 at 8PM EST. Don’t miss the annual challenge ➡️ bit.ly/4n0TqHm

The 12th Annual Flare-On Challenge kicks off Sept 26 at 8PM EST! Reverse engineering pros, from Windows to Web3 (with a YARA twist), it's your time to shine. 🏆 Get ready → bit.ly/4ofb5g8 #FlareOn12

Check out our #flareon11 challenge solutions at cloud.google.com/blog/topics/th…

Check out the new FLARE-powered podcast 🎧 "Behind the Binary, the podcast that introduces you to the fascinating people, technology, and tools driving the world of reverse engineering." Available on Spotify open.spotify.com/show/3yWgmIuhW… and other podcast platforms. Hosted by @jstrosch

The Flare-On Challenge is back for its 11th year! 🔥 This #CTF-style challenge for current and aspiring reverse engineers features puzzles across Windows, Linux, Web3, and even YARA. Learn more and get ready to compete → bit.ly/3TwZ7AG #Flareon11

Over 3000 users registered for #flareon11 in the first five days. Join the fun at flare-on11.ctfd.io - there's 🐸

@0xbahaa Congrates, keep going 🎉❤️❤️

I've just finished #flareon8, with slow and somewhat-steady progress. Much love and thanks to everyone involved 🌟. And just like #flareon7, I gained TONS of knowledge in many topics 🤓

Just decrypted the @elastic security EDR signature database [drive.google.com/file/d/1doTCZK…]; including ML models, detection rules, encoded lua scripts, yara rules, exception-lists and block-lists.

@d35hax I'm sure that ur brain can decode and understand those complex expressions, my dear superhuman friend 👽.

Edit > Plugins > Hex-Rays Decompiler > Options > Max commas 😁

For shellcode obfuscation, currently I'm refactoring obfusion [github.com/kgretzky/obfus…] adding support for x64.

The new version features the following: [+] Fully redesigned (more robust and clean code). [+] Symbols are resolved by hashes instead of names. [+] Support for symbols imported by ordinals. [+] Stealthy shellcode execution.

Recently, I've decided to refactor my old projects, here is the first one, CallObfuscator [github.com/d35ha/CallObfu…], it's an obfuscator used to hide (replace) the PE imports with other imports those are less suspicious (less chance to get flagged by analysts).

Have a running exe delete itself while running