Binary Analysis Course: release notes 0x2A
Additions: Added Ghidra script to handle stack strings to the analysis scripts chapter. To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], or DM me on BlueSky @maxkersten.nl.
Security through explanation
The main page for this API client can be found here. This release contains new features, and several bug fixes. One can find the library’s code here. The latest release of the precompiled JAR can be found here. Since Hatching is continuously developing their sandbox (and …
Additions: Added Dumping WhisperGate’s wiper from an Eazfuscator obfuscated loader to the malware analysis chapter. Changes: Changed dnSpy to dnSpyEx in the Debugging Dot Net binaries article, since the original project is not actively developed anymore, whereas the fork is.
This update marks the fortieth update to my Binary Analysis Course! The last update was on the 25th of July 2021, which is admittedly longer ago than I had hoped for. In the months between then and now, I reviewed every single article in the course. In the past, I had already reviewed some articles, which …
This AndroidProjectCreator update upgrades the Log4J dependency, which is used by the org.eclipse.jgit dependency, to version 2.16.0. This update is required because CVE-2021-45046 affects 2.15.0. The previous update to version 2.15.0 addressed CVE-2021-44228. AndroidProjectCreator does not use Log4J internally, as it simply writes log messages to the standard output using System.out. The above-mentioned Git dependency gives …
This AndroidProjectCreator update brings a simple yet required change: the org.eclipse.jgit dependency uses Log4J, which has a severe remote code execution vulnerability in it, tracked as CVE-2021-44228. To avoid needless error messages, AndroidProjectCreator embeds the logger. The Log4J version that is used has been updated to a version that is not vulnerable anymore, which …
The atHack conference in Saudi Arabia’s Riyadh, where I presented my Mobile Malware Mimicking framework (m3). The event lasted three days, from the 28th of November until and including the 30th. It was the second physical conference I attended since the pandemic started, the first being Black Hat Europe, which I wrote about previously. In …
The briefing and arsenal presentations of BlackHat Europe 2021 were on 10 and 11 November. It was the first physical European edition since the pandemic started, and it was the first time I attended a BlackHat event. In this blog, I will reflect on the COVID measures taken, the arsenal, the briefings, and the business …
The Mobile Malware Mimicking framework, or m3 for short, is built to emulate Android malware easily and scalably whilst using very few resources. One can create fake bots via the command-line interface. The fake bots can then be loaded into the emulator, which will then schedule all fake bots. Each bot will handle the incoming …
MalPull is designed to download malware samples in bulk using a minimal amount of API calls from services that limit requests. This version purely updates the internals. Those who use the command-line interface of MalPull will not notice any differences. Those who want to use MalPull in their own project will be in for a …