Objdump's linear sweep
While objdump's linear algorithm makes it fast, there are tradeoffs. For example, if we construct a Linux executable, we find we can insert strings into various headers which objdump will, to no surprise, blindly misinterpret.
Showing posts with label reverse engineering. Show all posts
Showing posts with label reverse engineering. Show all posts
Wednesday, March 01, 2023
Saturday, January 21, 2023
Mm .. Malware Analysis
TL;DR: Analysis of malspam potentially targeting an organization. C#/.NET binary using KoiVM, process hollowing, and abusing vulnerable procexp152.sys driver.
Labels:
analysis,
cryptography,
csharp,
dfir,
dotnet,
dotrunpex,
malware,
python,
reverse engineering,
windows
Subscribe to:
Comments (Atom)
Using Python To Access archive.today, July 2025
It seems like a lot of the previous software wrappers to interact with archive.today (and archive.is, archive.ph, etc) via the command-line ...
-
Latin1 was the early default character set for encoding documents delivered via HTTP for MIME types beginning with /text . Today, only ...
-
From "Overfitting and the strong version of Goodhart's law" : Increased efficiency can sometimes, counterintuitively, lead to ...
-
Playing around with writing malware proof-of-concepts, running red and blue team simulations in my computer lab against Windows Home edition...