Markus Dauberschmidt

@m_r_tz We had so much fun with that one 😂

Here's how the obfuscation in #flareon12 challenge 7 looks like in source - all just junk code 🗑️

@0gtweet @0x534c But does this automatically allow you to suspend it even if it’s a PPL?

@daubsi @0x534c Werfault is one of the legitimate parent spoofing cases in Windows. Its real parent is svchost.

🛡️🥶 EDR-Freeze abuses WerFaultSecure.exe to suspend AV/EDR via MiniDumpWriteDump — no BYOVD needed. zerosalarium.com/2025/09/EDR-Fr… I wrote a DefenderXDR KQL to catch it by mapping WerFaultSecure PID to core MDE processes. 🫡 detections.ai/share/rule/cic… #CyberSecurity #EDRFreeze #RedTeam #DefenderXDR

#flareon11 started just 2 days ago and already it's in full swing. Done with 5... learnt a ton of new things. Very cool challenge!

@Myrtus0x0 :-D

Oh look what arrived :D

Hacky Easter 2024 is over. Thanks to all supporters and congrats to the 43 Ph1n1sh3rs! Challenges will remain online for some more weeks, and ALL LEVELS WILL BE OPEN to everyone. Support us if you like the event: ko-fi.com/hackyeaster/go… #he2024 #ctf

New #BinaryNinja plugin: ReverserAI. It uses local large language models (LLMs) to derive semantically meaningful function names from decompiler output, demonstrating the potential of local LLMs to support reverse engineering on consumer hardware. Link: github.com/mrphrazer/reve…

@endermanch You should ask @davepl1968 then!

\XPSP1\NT\shell\applets\taskmgr\main.cpp The Task Manager guy must elaborate on this...

🧵 A collection of my favorite pieces from the Windows XP source code. \windows\core\ntgdi\test\teff\poo.txt

Windows Native API Programming by Pavel Yosifovich is on sale on Leanpub! Its suggested price is $34.00; get it for $22.41 with this coupon: leanpub.com/sh/RclfdngY @ZODIACON

@zodiacon That’s great! Thanks! Remember we had a simple sim in university back in the days as well. Looks nice :-)

Simple x86/x64 assembler and emulator: github.com/zodiacon/AllTo…

Quick question: who would like to participate in a Rust course in February, if I open one? Just to get a feel for the level of interest.

@zodiacon Count me in!

@vxunderground Hoodie in XL would be awesome!

Who wants vx-underground merch for Christmas? (It'll probably arrive way past Christmas due to increased volume in shipping, but whatever) Comment on this tweet with what you want and what size. We'll give away like, $800 in merch or something

A 20-part tutorial series on #windows #internals buff.ly/3R89lXc

New course: training.trainsec.net/mastering-wind… Not completed yet, but has substantial material already.

@zodiacon Hi Pavel, will we keep access to the material and/or even get the possibility to download the videos (like with your Kernel Dev material) or is it a time-restricted access? Thx!

Incredible writeups from @jk42 for #FlareOn10 . Very very impressed by the level of detail... Give kudos where kudos is due! Thanks jk! github.com/jk45054/CTF-wr…

Highly recommended!

1st place of the #ECSC2023: Team Germany 🎉 unexpected!! CYBER!!👏

My submission for @HexRaysSA #MyCreepyCodeContest. CFG of main() of the binary "hell" - my submission to this year's #Hackyeaster CTF. A binary obfuscated with github.com/meme/hellscape which definitely lived up to it's name for the participants of the CTF.