Binary Analysis Course: release notes 0x2B
Additions Added a year in review for 2021-2022 to the miscellaneous chapter To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit, or DM me on Twitter @Libranalysis.
Security through explanation
Additions Added a year in review for 2021-2022 to the miscellaneous chapter To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit, or DM me on Twitter @Libranalysis.
BlackHat Asia 2022 took place in Singapore’s Marina Bay Sands Expo & Convention Centre on the 12th and 13th of May. Whereas this is the usual location for BlackHat Asia, it was my first time visiting this edition, as well as my first visit to the country. In this blog I will share my impression … Read more
Botconf 2022 took place in France’s Nantes for four days, starting from April the 26th. The first day consisted of workshops, followed by three days of talks. The previous edition, in 2020, was online, making 2019 the last in-person edition. In this blog I will share my impression of the conference, the friends I met, … Read more
Additions Added Ghidra script to handle stack strings to the analysis scripts chapter To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit, or DM me on Twitter @Libranalysis.
The main page for this API client can be found here. This release contains new features, and several bug fixes. One can find the library’s code here. The latest release of the precompiled JAR can be found here. Table of contents New features Bug fixes New features Since Hatching is continuously developing their sandbox (and … Read more
Additions Added Dumping WhisperGate’s wiper from an Eazfuscator obfuscated loader to the malware analysis chapter Changes Changed dnSpy to dnSpyEx in the Debugging Dot Net binaries article, since the original project is not actively developed anymore, whereas the fork is To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit, … Read more
This update marks the fortieth to my Binary Analysis Course! The last update was on the 25th of July 2021, which is admittedly longer ago than I had hoped for. In the months between then and now, I reviewed every single article in the course. In the past, I had already reviewed some articles, which … Read more
This AndroidProjectCreator updates the Log4J dependency, which is used by the org.eclipse.jgit dependency, to version 2.16.0. This update is required because CVE-2021-45046 affects 2.15.0. The previous update to version 2.15.0 addressed CVE-2021-44228. AndroidProjectCreator does not use Log4J internally, as it simply writes log messages to the standard output using System.out. The above-mentioned Git dependency gives … Read more
This AndroidProjectCreator update brings a simple yet required change: the the org.eclipse.jgit dependency uses Log4J, which has a severe remote code execution vulnerability in it, tracked as CVE-2021-44228. To avoid needless error messages, AndroidProjectCreator embeds the logger. The Log4J version that is used, has been updated to a version that is not vulnerable anymore, which … Read more
The atHack conference in Saudi Arabia’s Riyadh, where I presented my Mobile Malware Mimicking framework (m3). The event lasted three days, from the 28th of November until and including the 30th. It was the second physical conference I attended since the pandemic started, the first being Black Hat Europe, which I wrote about previously. In … Read more