NEW BOT Телеграм, страница - 88247875

ReverseEngineering

1.24K subscribers

40 photos

10 videos

55 files

666 links

Download Telegram

About

Blog

Apps

Platform

ReverseEngineering

1.24K subscribers

ReverseEngineering

ReverseEngineering

Calling Convention توضیح: قانونیه که میگه آرگومان‌ ها چطور به تابع داده میشن و نتیجه چطور برمیگرده وقتی دارید مهندسی معکوس میکنی اگه Convention رو نشناسید اصلا نمیفهمید تابع چی از کجا ورودی میگیره و چی رو تغییر میده سه Convention مهم برای مهندسی معکوس…

مثال تشخیص Calling Convention

دیس‌اسمبلی:

mov rdi, rax
mov rsi, rbx
call func

این خط داریم دو آرگومان به func میدیم چون RDI/RSI هست پس کد لینوکسه و
Convention = System V

Example of Calling Convention Detection

Disassembly:

mov rdi, rax
mov rsi, rbx
call func

In this line, we are giving two arguments to func because it is RDI/RSI, so it is Linux code and Convention = System V

@reverseengine

❤1

88 viewsedited 20:04

ReverseEngineering

Enumerating Windows Clipboard History in PowerShell
https://devblogs.microsoft.com/oldnewthing/20230303-00/?p=107894

@reverseengine

Enumerating Windows clipboard history in PowerShell

Doing Windows Runtime things from PowerShell.

❤1

87 views20:13

ReverseEngineering

x86-64 GetPc: SYSCALL

https://medium.com/@5yx/x86-64-getpc-syscall-02f7a3100a27

@reverseengine

x86-64 GetPC: SYSCALL

A look at how SYSCALL can be used to retrieve RIP for shellcode positioning.

❤1

126 views20:13

ReverseEngineering

The ART of obfuscation

https://blog.quarkslab.com/dji-the-art-of-obfuscation.html

@reverseengine

DJI - The ART of obfuscation - Quarkslab's blog

Study of an Android runtime (ART) hijacking mechanism for bytecode injection through a step-by-step analysis of the packer used to protect the DJI Pilot Android application.

❤1

112 views20:15

ReverseEngineering

LayeredSyscall Abusing VEH to Bypass EDRs

https://whiteknightlabs.com/2024/07/31/layeredsyscall-abusing-veh-to-bypass-edrs

@reverseengine

White Knight Labs

LayeredSyscall - Abusing VEH to Bypass EDRs | White Knight Labs

Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR hooks in Windows.

❤1

127 views20:15

ReverseEngineering

VMProtect Source Code (Leaked 07.12.2023)

intel.cc and processors.cc included

mirror:
https://github.com/jmpoep/vmprotect-3.5.1

@reverseengine

❤1

135 viewsedited 20:18

ReverseEngineering

VMProtect devirtualizer

https://github.com/archercreat/titan

@reverseengine

GitHub - archercreat/titan: Titan is a VMProtect devirtualizer

Titan is a VMProtect devirtualizer. Contribute to archercreat/titan development by creating an account on GitHub.

❤1

132 views20:19

ReverseEngineering

Emulating IoT Firmware Made Easy: Start Hacking Without the Physical Device

https://boschko.ca/qemu-emulating-firmware

@reverseengine

Boschko Security Blog

Emulating IoT Firmware Made Easy: Start Hacking Without the Physical Device

A step-by-step how-to guide to using QEMU in Ubuntu 18.04 to emulate embedded devices.

❤1

150 viewsedited 20:20

ReverseEngineering

Msdocviewer is a Simple Tool that Parses Microsoft's Win32 API

https://github.com/alexander-hanel/msdocsviewer

@reverseengine

GitHub - alexander-hanel/msdocsviewer: msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation…

msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA. - alexander-hanel/msdocsviewer

❤1

159 viewsedited 20:21

ReverseEngineering

Advanced Root Detection & Bypass Techniques

https://8ksec.io/advanced-root-detection-bypass-techniques

@reverseengine

❤1

130 views20:22

ReverseEngineering

Analysis of Malware Attacked Bank X Customers

https://www.reddit.com/r/MalwareAnalysis/comments/bgqz7m/analysis_of_malware_attacked_bank_x_customers

@reverseengine

From the MalwareAnalysis community on Reddit: Analysis of malware attacked bank X customers

Explore this post and more from the MalwareAnalysis community

❤1

180 viewsedited 20:25

ReverseEngineering

Malware Development: Persistence

https://cocomelonc.github.io/persistence/2025/09/14/malware-pers-28.html

@reverseengine

Malware development: persistence - part 28. CertPropSvc registry hijack. Simple C/C++ example.

❤1

205 viewsedited 20:30

ReverseEngineering

Malware Development Trick 53: Steal Data

https://cocomelonc.github.io/malware/2025/10/22/malware-tricks-53.html

@reverseengine

Malware development trick 53: steal data via legit XBOX API. Simple C example.

❤1

228 viewsedited 20:30

ReverseEngineering

تحلیل یکی از حملات گروه Lynx Ransomware

Analysis of a Lynx Ransomware attack

https://thedfirreport.com/2025/11/17/cats-got-your-files-lynx-ransomware

@FUZZ0x

The DFIR Report

Cat’s Got Your Files: Lynx Ransomware

Key Takeaways The intrusion began with a successful RDP login using already-compromised credentials, likely obtained via an infostealer, data breach reuse, or an initial access broker. Within minut…

❤1

257 views20:33

ReverseEngineering

Malchela

A Yara & Malware Analysis Toolkit
Written in Rust

https://github.com/dwmetz/MalChela

@reverseengine

GitHub - dwmetz/MalChela: A YARA & Malware Analysis Toolkit written in Rust.

A YARA & Malware Analysis Toolkit written in Rust. - dwmetz/MalChela

❤1

207 viewsedited 09:22

ReverseEngineering

Dirty Vanity: A New Approach to Code Injection & EDR Bypass
Clone the shellcode

https://www.deepinstinct.com/blog/dirty-vanity-a-new-approach-to-code-injection-edr-bypass

@reverseengine

❤2

187 viewsedited 09:24

ReverseEngineering

Process Injection without R/W target memory and without creating a remote thread

https://github.com/Maff1t/InjectNtdllPOC

@reverseengine

GitHub - Maff1t/InjectNtdllPOC: Process Injection without R/W target memory and without creating a remote thread

Process Injection without R/W target memory and without creating a remote thread - Maff1t/InjectNtdllPOC

❤1

195 views09:34

ReverseEngineering

Analyzing a Modern In-the-wild Android Exploit

https://googleprojectzero.blogspot.com/2023/09/analyzing-modern-in-wild-android-exploit.html

@reverseengine

projectzero.google

Analyzing a Modern In-the-wild Android Exploit - Project Zero

By Seth Jenkins, Project ZeroIntroductionIn December 2022, Google’s Threat Analysis Group (TAG) discovered an in-the-wild exploit chain targeting Samsu...

❤2

193 views09:34

ReverseEngineering

Windows_&_PowerShell_Commands_—_Essential_Guide_for_Cybersecurity.pdf

Windows & PowerShell Commands

@reverseengine

❤3

167 views04:41

ReverseEngineering

Rusty Bootkit - Windows UEFI Bootkit in Rust

https://github.com/memN0ps/bootkit-rs

@reverseengine

GitHub - memN0ps/redlotus-rs: Rusty Bootkit - Windows UEFI Bootkit in Rust (Codename: RedLotus)

Rusty Bootkit - Windows UEFI Bootkit in Rust (Codename: RedLotus) - memN0ps/redlotus-rs

❤3

157 views04:42

ReverseEngineering

Awesome HyperDbg: A list of awesome resources about HyperDbg

https://github.com/HyperDbg/awesome

@reverseengine

GitHub - HyperDbg/awesome: A list of awesome resources about HyperDbg

A list of awesome resources about HyperDbg. Contribute to HyperDbg/awesome development by creating an account on GitHub.

❤3

153 views04:44