msm0.bsky.social
@msm0.bsky.social
My new post about #malware #deobfuscation - cert.pl/en/posts/202.... I focus on the simple - but powerful - technique of local substitutions. Uses #ghidra and ghidralib. Thx @nazywam.bsky.social for the review.
Deobfuscation techniques: Peephole deobfuscation
In this article we describe a basic deobfuscation technique by leveraging a code snippet substitution.
cert.pl
April 24, 2025 at 1:22 PM
Ghidralib development continues: py3 support, binary/asm patching, and symbolic propagation: github.com/msm-code/ghi.... I also write docs for people who want to try it. Newest chapter: emulation msm-code.github.io/ghidralib/em...
#ghidra #reverseengineering
January 6, 2025 at 3:25 AM
RULECOMPILE - Undocumented Ghidra decompiler rule language.
A blog post about how frustration with poor decompilation led me to dive deep into Ghidra's decompiler to discover (and reverse-engineer) an obscure, undocumented DSL.
msm.lt/re/ghidra/ru...
#reverseengineering #ghidra
December 30, 2024 at 7:34 PM
🚀 Excited to announce ghidralib – a library that makes #Ghidra scripts drastically shorter and easier to write. I've been using it daily for #reverseengineering and decided it’s time to share!
Check it out: github.com/msm-code/ghi.... And the documentation: msm-code.github.io/ghidralib/.
#infosec #re
December 23, 2024 at 10:36 PM
Just open-sourced another small OS #ReverseEngineering project: a tiny extension for highlighting Python bytecode using #VsCode.
github.com/msm-code/vsc...
It also serves as a good demo of how to create such plugins (spoiler: it's very, very easy).
#reversing #infosec
December 12, 2024 at 4:53 PM
Hi Bluesky. I created a #Ghidra quick search/command palette/launcher plugin called "Ctrl+P". You can search functions, labels, data, bookmarks, focus windows, launch scripts and trigger available actions. All in a single Python file.
github.com/msm-code/Ghi...
#reversing #reverseengineering #infosec
December 1, 2024 at 1:30 AM