Archives

Plays an important role in Initial Access and Execution stages because it assists malicious programs in remaining active for a long time, thus leading to create a backdoor for threat actor without detection.

Reverse engineering a custom easy keygen to find a valid licence key using static and script

UAC bypass methods usually result in hijacking the normal execution flow of an elevated application by spawning a malicious child process or loading a malicious module inheriting the elevated integrity level of the targeted application.

In the modern cybersecurity, the most dangerous threats are the ones you can not see. Instead of running as easily detectable standalone files, several malwares are able to hide in plain sight by injecting malicious code directly into trusted and legitimate Windows processes. This is a reason why OS get hard to detect them.

Reverse engineering a custom Virtual Machine interpreter to find a valid 10-character licence key using static and dynamic analysis

Deep dive analysis of Xworm malware - examining payload delivery, keylogging, and data exfiltration capabilities

Forensic analysis of a corrupted PE file - restoring Magic Bytes, unpacking UPX, bypassing fake OEPs, and decrypting XOR-encoded strings

Reverse engineering a Golang binary with encrypted functions and custom encoding to extract the flag

Reversing the Knight's tour 6x6 algorithm to find the correct path and target in a challenging reverse engineering problem

Complete forensic analysis of a sophisticated multi-stage APT attack involving phishing, PowerShell payloads, and data exfiltration