Hi, I'm Paul.

Hacker

Threat intelligence analyst, security enthusiast and constant learner.


Malware analysis with IDA/Radare2 - PE Injection techniques, the fundamentals

Introduction Here we go again! During the previous parts of the reversing with radare2 course we’ve been discussing DLL i...

Malware analysis with IDA/Radare2 - DLL Injection techniques, the fundamentals

In today’s part of the series on malware analysis with radare2, we’ll start checking some basic code injection techniques,...

Malware analysis with IDA/Radare2 2 - From unpacking to config extraction to full reversing (IceID Loader)

Introduction In the previous chapters of the course we mainly focused on performing the unpacking process in order to get...

Malware analysis with IDA/Radare2 - Multiple unpacking (Ramnit worm)

Introduction Today we are following our previous post on these series unpacking a sample (Ramnit) that looks a bit more c...

Malware analysis with IDA/Radare2 - Basic Unpacking (Dridex first stage)

Greetings again dear malware analysts! In this part of the series we are leaving the initial topics behind to start focusi...

Malware analysis with IDA/Radare2 - Analyzing maldocs (Emotet Dropper)

In general terms, when analysing malware we have to look at the full spectrum focusing on the whole infection process, tha...

Reverse engineering x64 binaries with Radare2 - Dealing with ASLR

Introduction In the previous posts we mainly focused on bypassing DEP and Stack canaries, security mechanisms related to ...

Malware analysis with IDA/Radare2 - C# Malware (Ziraat)

Due to popular demand I’ll continue this reverse engineering course on radare2 by focusing a little bit more on Malware a...

Reverse engineering x64 binaries with Radare2 - Defeating stack canaries

Compiling without no-stack-protector Greetings dear potential binary exploiters. Following the precedent posts where we d...