expy

Ported Polaris-Obfuscator from C++/LLVM 16 to Python on LLVM 21. 9 passes: encrypted flattening, modular-arithmetic predicates, pointer mazes, function merging, and an X86 MIR pass that makes IDA's decompiler hallucinate variables that never existed. shifting.codes/blog/polaris-o…

Shifting Codes — open-source LLVM obfuscation passes ported from Pluto/Polaris/riscy-business to Python via llvm-nanobind. 17 passes, PyQt6 UI, works with modern LLVM 21. Blog post walking through Pluto obfuscations: shifting.codes/blog/llvm-obfu… GitHub: github.com/expend20/shift…

@pentest_swissky @kmkz_security @two06 Great reading! Just curious what would you do if disassembly or just symbols would be several dozens of megabytes?

Hunting Deserialization Vulnerabilities With Claude - James Williams (@two06) trustedsec.com/blog/hunting-d…

@ifsecure are there any info about Big Sleep itself?

Big Sleep goes brrr

@waleedassar was this causing a BSOD?

nt!RtlpCopyXStateChunk Denial Of Service

@Razvieu a weekend project, will release it in a couple of weeks I guess

@expend20 Looks great, what's it?

which feature of a debugger (or RE tool based on it) you were always missing in WinDBG/x64dbg or CheatEngine?

@CyberGhost13337 on x64 I think it's generally unavailable information, first 4 parameters are passed via registers, so as soon as you enter the function, optimizing compiler will do it's thing and then, in the middle of the function, you no longer have access to parameters

@expend20 I think debuggers often don't display arguments properly. I used to rely on IDA's debugger for this, but its UI is terrible. So I often end up using two debuggers at the same time.

@mrexodia @x64dbg just curiuos is arm64 support planned?

@x64dbg discord.x64dbg.com

It is now super easy to build x64dbg and start contributing, give it a try!🤓

@21verses @krishna_2803 @PTRACE_TRACEME @cystariitm hi! great stuff, are you okay if I incorporate some/all of your passes into shifting.codes?

Had a great time designing an obfuscation engine with @krishna_2803 and @PTRACE_TRACEME for BinaryClash360 by @cystariitm. Found out about a lot of cool stuff - obscure compiler flags, LLVM tricks. Ended up winning second place in the competition too github.com/MrRoy09/VMwhere

Also made a quick video on how to install TitanHide in Windows Sandbox using the SandboxBootkit project. It takes about 3 minutes end-to-end.

@spaceraccoon @nostarch just noticed a small error in ch1 about buffer overflow, my gcc on ubuntu shows "stack smashing detected" even without "-fstack-protector", to replicate intended behavior one would need to add "-fno-stack-protector"

Writing a technical book is only a small fraction of the work. You still need: 1. Technical review 2. General editing 3. Copy editing 4. Cover designing 5. Proof reading <— I am here “From Day Zero to Zero Day” is a way better book thanks to the amazing team at @nostarch and I can’t wait till it’s in your hands. nostarch.com/zero-day

Using LLMs to play Flare-On 11. Much more fun compared to pre-LLMs era. youtu.be/w232BOBfoeA

@x64dbg out of curiosity: what are the factors influencing that decision?

11 years after XP's end-of-life we have decided to completely stop supporting operating systems older than Windows 10. The project will slowly transition to Visual Studio 2022 and Qt 5.15 with CMake, to make it easier for new people to contribute. Exciting updates are coming!

Interestingly making a video from a grained photo will change that still photo grain into video grain (kinda obvious, but nice to see it happens)

BinaryShield a bin2bin x86-64 code virtualizer crackme solution youtube.com/watch?v=7cFgJV…

@sarperavci Great project! If I may ask: where did you get data - parsed ctftime write-up section?

Just launched CTF Search with 24k+ CTF writeups, covering everything from web exploitation to reverse engineering. Check it out! ctfsearch.hackmap.win

Solving easy 'Hack This Game' challenge using Cheat Engine youtube.com/watch?v=aWW_Xa…

@spaceraccoon @nostarch Is the highlighted red content written or not written yet?

Coming soon… 👀 thanks to @nostarch! nostarch.com/zero-day

@exploitsclub @ssnossnossno @lemire @L0Psec @ProjectZeroBugs just curious, are you making the summaries in AI? :)

A newsletter to go with your coffee bug hunting 🗞️ EC #56 Anti-cheat RE from @ssnossnossno @lemire with some ARM NEON register fun @L0Psec reverses some Rust malware MacOS Type confusion bugs @ProjectZeroBugs + Jobs and MORE 👇 blog.exploits.club/exploits-club-…