My impression of BlackHat Asia 2022

BlackHat Asia 2022 took place in Singapore’s Marina Bay Sands Expo & Convention Centre on the 12th and 13th of May. Whereas this is the usual location for BlackHat Asia, it was my first time visiting this edition, as well as my first visit to the country. In this blog I will share my impression … Read more

My impression of Botconf 2022

Botconf 2022 took place in France’s Nantes for four days, starting from April the 26th. The first day consisted of workshops, followed by three days of talks. The previous edition, in 2020, was online, making 2019 the last in-person edition. In this blog I will share my impression of the conference, the friends I met, … Read more

Binary Analysis Course: release notes 0x29

Additions Added Dumping WhisperGate’s wiper from an Eazfuscator obfuscated loader to the malware analysis chapter Changes Changed dnSpy to dnSpyEx in the Debugging Dot Net binaries article, since the original project is not actively developed anymore, whereas the fork is To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit, … Read more

AndroidProjectCreator 1.5.2-stable release

This AndroidProjectCreator updates the Log4J dependency, which is used by the org.eclipse.jgit dependency, to version 2.16.0. This update is required because CVE-2021-45046 affects 2.15.0. The previous update to version 2.15.0 addressed CVE-2021-44228. AndroidProjectCreator does not use Log4J internally, as it simply writes log messages to the standard output using System.out. The above-mentioned Git dependency gives … Read more

AndroidProjectCreator 1.5.1-stable release

This AndroidProjectCreator update brings a simple yet required change: the the org.eclipse.jgit dependency uses Log4J, which has a severe remote code execution vulnerability in it, tracked as CVE-2021-44228. To avoid needless error messages, AndroidProjectCreator embeds the logger. The Log4J version that is used, has been updated to a version that is not vulnerable anymore, which … Read more

My impression of AtHack 2021

The atHack conference in Saudi Arabia’s Riyadh, where I presented my Mobile Malware Mimicking framework (m3). The event lasted three days, from the 28th of November until and including the 30th. It was the second physical conference I attended since the pandemic started, the first being Black Hat Europe, which I wrote about previously. In … Read more