reverse engineering

This is a tutorial on how to reverse engineer shellcode in malware with Radare2. Spoilers! MalwareTech published a small challenge on his Twitter for reverse engineering embedded shellcode inside of the malware. I thought this was a great opportunity to write a small tutorial on how to do this with

reverse engineer

Reverse Engineering Android apk Files: Apktool. ApkTool is a tool for reverse engineering third-party, closed, binary Android apps. It can decode resources to nearly original form and rebuild them after making some modifications; it makes it possible to debug smali code step by step. Also, it makes working with an

Technology

DriverBuddy is an IDAPython plugin that automates some of the struggle surrounding the reverse engineering of Windows kernel drivers. DriverBuddy installation instructions: Create a clone of the repo: git clone https://github.com/nccgroup/DriverBuddy.git. Copy the DriverBuddy folder as well as the DriverBuddy.py file into the IDA plugins folder: C:\Program Files (x86)\IDA 6.8\plugins or