ReverseEngineering – Telegram
ReverseEngineering
@reverseengine
1.25K subscribers
40 photos
10 videos
55 files
666 links
Download Telegram
About
Blog
Apps
Platform
Join
ReverseEngineering
1.25K subscribers
ReverseEngineering
Document the Process of Reverse Engineering

https://blog.deobfuscate.io/reversing-vmcrack

@reverseengine
Reverse Engineering Blog
Reversing VMCrack
Reverse engineering a binary obfuscated with virtual machine obfuscation. The challenge is vmcrack from Hack The Box.
4
207 views
ReverseEngineering
Advanced UEFI Analysis with Binary Ninja

https://binary.ninja/2024/08/23/uefi-firmware-analysis.html

@reverseengine
Binary Ninja
Binary Ninja - Advanced UEFI Analysis with Binary Ninja
Binary Ninja is a modern reverse engineering platform with a noscriptable and extensible decompiler.
6
211 views
ReverseEngineering
Using Symbolic Execution to Devirtualise a Virtualised Binary

https://blog.deobfuscate.io/using-symbolic-execution-for-devirtualisation

@reverseengine
Reverse Engineering Blog
Using Symbolic Execution to Devirtualise a Virtualised Binary
Using symbolic execution to reverse engineer and devirtualise a binary using virtual machine obfuscation.
4
198 views
ReverseEngineering
Reverse Engineering and Instrumenting React Native Apps

https://pilfer.github.io/mobile-reverse-engineering/react-native/reverse-engineering-and-instrumenting-react-native-apps

@reverseengine
pilfer.github.io
Reverse Engineering and Instrumenting React Native Apps
An adventure involving injecting JavaScript into the React Native global context, accessing onPress events, and overriding prototypes
4
189 views
ReverseEngineering
The tragedy of low-level exploitation

https://gynvael.coldwind.pl/?id=791


@reverseengine
gynvael.coldwind.pl
FAQ: The tragedy of low-level exploitation
4
214 views
ReverseEngineering
How IDA 7.2 Installer Password was Found

https://seri.tools/blog/ida-72-password

@reverseengine
seri.tools
How IDA 7.2's installer password was found
4
204 views
ReverseEngineering
Writing a PE Loader for the Xbox in 2024

https://landaire.net/reflective-pe-loader-for-xbox/

@reverseengine
landaire.net
Writing a PE Loader for the Xbox in 2024
Adventures in reinventing the wheel. Also: I hate thread-local storage.
5
202 views
ReverseEngineering
BYOVD to the next level (part 2) Rootkit

https://blog.quarkslab.com/exploiting-lenovo-driver-cve-2025-8061_part2.html

@reverseengine
Quarkslab
BYOVD to the next level (part 2) — rootkit like it's 2025 - Quarkslab's blog
Bring Your Own Vulnerable Driver (BYOVD) is a well-known post-exploitation technique used by adversaries. This blog post is part of a series. In part one we saw how to abuse a vulnerable driver to gain access to Ring-0 capabilities. In this second and final…
1
194 views
ReverseEngineering
Microsoft Windows Cloud Files Minifilter TOCTOU Privilege Escalation

https://blog.exodusintel.com/2025/10/20/microsoft-windows-cloud-files-minifilter-toctou-privilege-escalation

@reverseengine
Exodus Intelligence
Microsoft Windows Cloud Files Minifilter TOCTOU Privilege Escalation - Exodus Intelligence
By Michele Campa Overview In this blog post we take a look at a race condition we found in Microsoft Windows Cloud Minifilter (i.e. cldflt.sys ) in March 2024. This vulnerability was patched in October 2025 and assigned CVE-2025-55680 . The vulnerability…
1
198 views
ReverseEngineering
Let's Create Some Polymorphic PIC Shellcode

https://g3tsyst3m.com/shellcode/pic/Let's-Create-Some-Polymorphic-PIC-Shellcode!/

@reverseengine
1
172 viewsedited  
ReverseEngineering
Repurpose EDR as an Offensive Tool

https://www.safebreach.com/blog/dark-side-of-edr-offensive-tool/

@reverseengine
SafeBreach
EDR as an Offensive Tool | SafeBreach
Learn how SafeBreach developed malware integrated within Palo Alto Networks Cortex XDR, exploiting its ransomware protection feature.
1
195 views
ReverseEngineering
A Collection of incredible Malware Analysis and Reverse Engineering

https://x.com/embee_research/status/1674001545476861954

@reverseengine
X (formerly Twitter)
Matthew (@embee_research) on X
A collection of incredible (non-corporate) malware analysis and reverse engineering blogs that I have personally enjoyed over the years.

All focused on education and knowledge sharing of malware/RE topics.

[1/14] 🧵
(In no particular order)

#malware #education
1
180 views
ReverseEngineering
GoogleCTF 2024 Writeups

https://blog.huli.tw/2024/06/28/en/google-ctf-2024-writeup/

@reverseengine
Huli's blog
GoogleCTF 2024 Writeups
For the past half year, I have been busy with other things and haven’t had a chance to participate in a CTF. This time, I made time for GoogleCTF 2024 and solved all the web challenges with my teammat
1
176 views
ReverseEngineering
PWN

https://pwn.college/dojos

@reverseengine
pwn.college
Learn to Hack!
1
164 viewsedited  
ReverseEngineering
MuddyWater’s DarkBit ransomware cracked for free data recovery 😂🫵

https://www.bleepingcomputer.com/news/security/muddywaters-darkbit-ransomware-cracked-for-free-data-recovery

@FUZZ0x
BleepingComputer
MuddyWater’s DarkBit ransomware cracked for free data recovery
Cybersecurity firm Profero cracked the encryption of the DarkBit ransomware gang's encryptors, allowing them to recover a victim's files for free without paying a ransom.
1
175 viewsedited  
ReverseEngineering
Adaptix C2

https://github.com/Adaptix-Framework/Extension-Kit


Blogs:
https://adaptix-framework.gitbook.io/adaptix-framework/blogs



https://github.com/Adaptix-Framework/AdaptixC2

sudo apt install mingw-w64 make

wget https://go.dev/dl/go1.24.4.linux-amd64.tar.gz -O /tmp/go1.24.4.linux-amd64.tar.gz
sudo rm -rf /usr/local/go /usr/local/bin/go
sudo tar -C /usr/local -xzf /tmp/go1.24.4.linux-amd64.tar.gz
sudo ln -s /usr/local/go/bin/go /usr/local/bin/go

sudo apt install gcc g++ build-essential cmake libssl-dev qt6-base-dev qt6-websockets-dev qt6-declarative-dev

git clone https://github.com/Adaptix-Framework/AdaptixC2.git
cd AdaptixC2
make server
make extenders
make client
cd dist
chmod +x ssl_gen.sh
./ssl_gen.sh

./adaptixserver -profile profile.json
./AdaptixClient


Document:
https://adaptix-framework.gitbook.io/adaptix-framework

@reverseengine
GitHub
GitHub - Adaptix-Framework/Extension-Kit: AdaptixFramework Extension Kit
AdaptixFramework Extension Kit. Contribute to Adaptix-Framework/Extension-Kit development by creating an account on GitHub.
1
205 viewsedited  
ReverseEngineering
BypassAV

https://github.com/matro7sh/BypassAV

@reverseengine
GitHub
GitHub - matro7sh/BypassAV: This map lists the essential techniques to bypass anti-virus and EDR
This map lists the essential techniques to bypass anti-virus and EDR - matro7sh/BypassAV
👍41
267 views
ReverseEngineering
Linux Rootkit Malware

https://www.fortinet.com/blog/threat-research/deep-dive-into-a-linux-rootkit-malware?utm_source=chatgpt.com

@reverseengine
Fortinet Blog
Deep Dive Into a Linux Rootkit Malware
An in-depth analysis of how a remote attacker deployed a rootkit and a user-space binary file by executing a shell noscript.…
1
234 views
ReverseEngineering
Learn Binary Exploitation

https://github.com/Adamkadaban/LearnPwn

@reverseengine
GitHub
GitHub - Adamkadaban/LearnPwn: Learn Binary Exploitation with sample problems and solutions
Learn Binary Exploitation with sample problems and solutions - Adamkadaban/LearnPwn
1
260 views
ReverseEngineering
Rootkit Technique to Hook the SSDT via Alt Syscalls

https://fluxsec.red/hells-hollow-a-new-SSDT-hooking-technique-with-alt-syscalls-rootkit

Poc: https://github.com/0xflux/Hells-Hollow

@reverseengine
fluxsec.red
SSDT Hooking via Alt Syscalls for ETW Evasion
Discover how Hells Hollow introduces a novel SSDT hook primitive in Rust by manipulating the kernel’s Alt Syscalls mechanism—enabling ETW bypass, return-value patching, and PatchGuard-resistant rootkit capabilities on Windows 11. Deep dive with POC code and…
1
294 views
ReverseEngineering
This media is not supported in your browser
VIEW IN TELEGRAM
Kill EDR Processes Permanently

User-Mode Code and Its Rootkit

https://github.com/SaadAhla/dark-kill

@reverseengine
1
373 views