Alex Matrosov

9.6K posts

Alex Matrosov banner
Alex Matrosov

Alex Matrosov

@matrosov

Security REsearch @Anthropicai · Breaking & Fixing AI Failure Modes | Founder @binarly_io · @SBOM_Tools · @REhints | Author “Rootkits & Bootkits" (https://t.co/1wd2dfYHY6)

San Francisco, CA Katılım Temmuz 2008
2.4K Takip Edilen20K Takipçiler
Sabitlenmiş Tweet
Alex Matrosov
Alex Matrosov@matrosov·
⛓️Confirmed, Intel OEM private key leaked, causing an impact on the entire ecosystem. It appears that Intel BootGuard may not be effective on certain devices based on the 11th Tiger Lake, 12th Adler Lake, and 13th Raptor Lake. Our investigation is ongoing, stay tuned for updates.
Alex Matrosov tweet media
BINARLY🔬@binarly_io

⛓️Digging deeper into the aftermath of the @msiUSA data breach and its impact on the industry. 🔥Leaked Intel BootGuard keys from MSI are affecting many different device vendors, including @Intel , @Lenovo, @Supermicro_SMCI, and many others industry-wide. 🔬#FwHunt is on!

English
40
722
1.8K
1.1M
Quentin Kaiser
Quentin Kaiser@qkaiser·
@alexjplaskett And I know @matrosov will tell me humans are not supposed to look because we’re the bottleneck now, but I like looking at things on the ghidra GUI while the agent goes through its tasks. Something mcp is not capable of iirc
English
1
0
0
75
Alex Matrosov
Alex Matrosov@matrosov·
@XenoKovah Forensics is largely solved over MCP, similar to malware analysis and detection engineering. Human attention is rarely required if an agent with the appropriate tools and validation flow is assigned to a task.
English
2
0
7
1.2K
Alex Matrosov
Alex Matrosov@matrosov·
Court is a different story, quite a few hallucinated cases have already been taken to court :-) But my point is that analysis and velocity have improved. Of course, you still need to provide the right harness and have a validation flow in place, but having that kind of setup is just magic compared to the previous manual work. I guess the answer is that an agentic approach, with the proper setup, really does solve a lot of corner cases to make it work.
English
2
0
0
128
mRr3b00t
mRr3b00t@UK_Daniel_Card·
@matrosov @XenoKovah I’m not sure that in a court someone is going to be on with: I asked Claude 🤣
English
1
0
2
124
Alex Matrosov
Alex Matrosov@matrosov·
@XenoKovah @OpenSecTraining Agreed, things are moving fast with everything AI-related. But the fundamental pieces of agentic approaches are what persist and influence mental model change for vuln hunting. I wish I had more time to contribute.
English
0
0
1
108
Xeno Kovah
Xeno Kovah@XenoKovah·
@matrosov @OpenSecTraining We always welcome volunteer contributions. But it’s worth noting that it’s hard to make a class like that which wouldn’t just immediately be out of date. Given the 20-40x overhead of hours-to-make-class-vs-hours-of-class-material, that’s a tough sell for instructors
English
1
0
1
190
Xeno Kovah
Xeno Kovah@XenoKovah·
I just learned about “attention dilution” the hard way as I was trying to optimize the skills we’ll release for this. For a particular prompt it finds 144/144 functions if run on a single binary, and 20/144 when there are 4 parallel pyghidra-mcp servers at once ¯\_(ツ)_/¯
Xeno Kovah@XenoKovah

In other news, @VeronicaKovah and I will be presenting "How much of our Bluetooth firmware reverse engineering work can now be automated with LLMs?" at DEF CON this year! (Spoiler: a lot!)

English
2
4
13
3.9K
Xeno Kovah
Xeno Kovah@XenoKovah·
@matrosov Yep, that’s exactly what I changed to. Though I’m still waiting for Claude to fix up its edits (in typical fashion, the harness which validated the fixes didn’t write out all its changes to the skill correctly so I’m still trying to get it back to just fire-and-forget)
English
2
0
1
297
Alex Matrosov
Alex Matrosov@matrosov·
@chemeris Sonnet is a different class of models. It’s definitely faster and cheaper.
English
0
0
0
42
Alexander Chemeris @ ICML
@matrosov Better than Opus 4.8 in your opinion? And how does it compare to GPT-5.5? I'm using Opus to plan and GPT to execute r/n since it's much more robust
English
1
0
0
59
Alex Matrosov
Alex Matrosov@matrosov·
@LaurencePostrv Coding and agentic improvements make it better at some cyber tasks, but it wasn't designed for it.
English
1
0
1
65
Alex Matrosov retweetledi
Bjoern Kerler
Bjoern Kerler@viperbjk·
New version of the ida rpc is out: github.com/bkerler/ida_rpc Less token usage, better status info, less confusion if used by LLMs
English
1
18
86
6.4K
Alex Matrosov retweetledi
Alex Matrosov
Alex Matrosov@matrosov·
Previous generations of software protection (DRM perspective) have always relied on code complexity (for RE), compute limitations, and human limitations as the guarantees that kept hacking timelines reasonably long. That's changed now. Beyond the acceleration in vulnerability research and malware analysis, the same new reality applies to software protection, and security by obscurity, or assuming the attacker is limited in compute and motivation, no longer works.
Alex Matrosov tweet media
English
10
40
279
44.3K
Alex Matrosov
Alex Matrosov@matrosov·
@phretor @thegrugq @dyn___ The concept of software will be significantly transformed, becoming less human-centric in its design and functionality.
English
0
0
0
361
Federico Maggi
Federico Maggi@phretor·
@matrosov @thegrugq @dyn___ Just yesterday I’ve mistakenly left auto-mode on and it found a vuln in a post quantum algo implementation. I wasn’t even looking for bugs: I had asked it to look at that Python implementation and replicate it in Go. The final report said “btw, I fixed this bug”.
English
1
0
2
447
Alex Matrosov
Alex Matrosov@matrosov·
Claude Code is a very powerful tool on RE tasks. Looping it with IDA and the decompiler over MCP or idalib delivers very impressive results, especially in combination with dynamic workflows. /goal find and list all the crypto implementations [algo => address] /loop use decompile but verify all the findings with disasm
Alex Matrosov tweet media
English
23
52
391
25.4K
Alex Matrosov
Alex Matrosov@matrosov·
@msuiche @chompie1337 @dyn___ I still recall the time when people were declining decompilers in IDA, and there was nothing preventing them from using both. I suppose it’s a matter of choosing to ignore the wave of progress or enjoy it.
English
1
0
6
462
Alex Matrosov
Alex Matrosov@matrosov·
@viperbjk @pedrib1337 Thanks for sharing. I’ll give it a try. I had a positive experience with ghidra-rpc by @guyru. If the approach is the same but adapted for IDA, it’s definitely worth trying.
English
1
0
3
168
Pedro Ribeiro
Pedro Ribeiro@pedrib1337·
@matrosov My (admittedly limited) testing showed me that headless + IDAPython is superior to MCP for pure LLM usage, do you believe otherwise? idalib does look very promising though.
English
3
1
7
1.7K
Alex Matrosov
Alex Matrosov@matrosov·
@SystemOfOne I’m satisfied with my current setup, but I appreciate you sharing your evals.
English
0
0
3
249
Sanjay Rawat
Sanjay Rawat@tosanjayr·
@eliasbchlny @matrosov This is great and reminds me of Zynamic's ida2sql ( precursor of BinNavi DB exporter plugin). I used that a lot once upon a time. I will now try IDASQL. Thanks for sharing.
English
2
0
1
89
Sanjay Rawat
Sanjay Rawat@tosanjayr·
@0xdead8ead @matrosov This is what my tooling is at the moment. Binja's various ILs with sonnet, Opus, Deepseek etc are a great fit for RE.
English
1
0
3
60
Alex Matrosov
Alex Matrosov@matrosov·
@0xdead8ead 💯 And binja brings a powerful headless mode with multithreading support.
English
0
0
2
269
𝟶𝚡𝚍𝚎𝚊𝚍𝟾𝚎𝚊𝚍
@matrosov I’ve been using Claude with Binary Ninja MCP and have it identifying memory corruption sinks, tracing back to inputs. And then confirming with a remote debugger. Having it write exploits with full ROP chains. Simply amazing.
English
2
0
3
369