ReverseEngineering
Detailed structure of the Red Zone
From RSP down: 160 bytes free
The function is allowed to use it
This space remains untouched until a signal/interrupt arrives
@reverseengine
IDA Pro Plugins For Malware Reverse Engineering
https://www.youtube.com/watch?v=pfBA6y4VLwM
@reverseengine
YouTube
IDA Pro Plugins For Malware Reverse Engineering
Here are our 5 most used IDA plugins for reverse engineering malware. Expand for more...
-----
OALABS DISCORD
https://discord.gg/6h5Bh5AMDU
OALABS PATREON
https://www.patreon.com/oalabs
Twitch
https://www.twitch.tv/oalabslive
OALABS GITHUB
https://github.com/OALabs…
zer0ptsCTF 2023 Reverse Engineering Writeups
https://fazect.github.io/zer0ptsctf2023-rev
@reverseengine
amateursCTF 2023 Reverse Engineering Writeups
https://fazect.github.io/amateursctf2023-rev
@reverseengine
Please forward as many posts as you can so that the channel can be seen. This way, you will be a great help to me and the content will gradually become better and more interesting. Thank you 🖤
Exploit Development: Building Your Own Fuzzer with Bash
https://hackers-arise.com/exploit-development-building-your-own-fuzzer-with-bash
@reverseengine
Detect-It-Easy: Program for determining types of files for Windows, Linux and MacOS
https://github.com/horsicq/Detect-It-Easy
@reverseengine
Reverse Engineering WebAssembly
https://medium.com/%40pnfsoftware/reverse-engineering-webassembly-ed184a099931
@reverseengine
Medium
Reverse Engineering WebAssembly
This is an abridged version of http://www.pnfsoftware.com/reversing-wasm.pdf. For additional details, including footnotes, as well as…
Time Travel Triage: An Introduction to Time Travel Debugging using a .NET Process Hollowing Case Study
https://cloud.google.com/blog/topics/threat-intelligence/time-travel-debugging-using-net-process-hollowing?linkId=17730646
@reverseengine
Google Cloud Blog
Time Travel Triage: An Introduction to Time Travel Debugging using a .NET Process Hollowing Case Study | Google Cloud Blog
The basics of WinDbg and Time Travel Debugging necessary to start incorporating it into your analysis.
UPX Unpacking: Manual Reverse Engineering
https://guidedhacking.com/threads/how-to-unpack-upx-using-x64dbg.20985
@reverseengine
Fully Undetectable Windows Shellcode Loader Now Available in IRIS C2
https://www.irisc2.com/blog/javelin-fud-loader
@reverseengine
Irisc2
JAVELIN: Fully Undetectable Windows Shellcode Loader Now Available in IRIS C2
JAVELIN enables users to deliver MANTIS stage zero shellcode into memory on target devices without triggering AV, EDR, or XDR solutions.
Using EDR-Redir to Break EDR Via Bind Link and Cloud Filter
https://www.zerosalarium.com/2025/10/DR-Redir-Break-EDR-Via-BindLink-Cloud-Filter.html?m=1
@reverseengine
Zerosalarium
Using EDR-Redir To Break EDR Via Bind Link and Cloud Filter
EDR-Redir uses BindLink Filter and Windows Cloud Filter to inject, corrupt, and disable EDRs.
Process Hollowing on Windows 11 24H2
https://hshrzd.wordpress.com/2025/01/27/process-hollowing-on-windows-11-24h2
@reverseengine
hasherezade's 1001 nights
Process Hollowing on Windows 11 24H2
Process Hollowing (a.k.a. RunPE) is probably the oldest, and the most popular process impersonation technique (it allows to run a malicious executable under the cover of a benign process). It is us…
EPIC is a Toolkit for Developing and Building C-to-PIC Shell Code
https://github.com/Print3M/epic
@reverseengine
GitHub
GitHub - Print3M/epic: Extensible Position Independent Code – shellcode (C/C++) development and building toolkit designed for developer…
Extensible Position Independent Code – shellcode (C/C++) development and building toolkit designed for developer experience, predictability, and modularity. - Print3M/epic