Binary Analysis Course

After the overwhelmingly positive replies about my write-up from Reddit users on /r/ReverseEngineering and /r/Hacking, I decided to make a series in which I analyse binaries together with insight and additional information on why decisions were made. The “Table of Contents” for this series can be found here and will be updated regularly. For now, …

Cisco Cyber Security Expo CTF

On the 16th of January 2018, I participated in the CTF of Cisco at DeFabrique in Utrecht. The duration of the CTF was from 10:00 until 15:45, nearly 6 hours. After solving quite some challenges, I managed to secure the second place and won a Raspberry Pi 3 and a couple of Ikea Smart Lamps. …

34c3 Lightning Talk

This year during the 34c3 Congress, I held a lightning talk about Capricorn. During this presentation I asked for suggestions, feedback and possible collaboration. I’m glad to announce that this talk has sparked the interest of multiple people at the congress, but also via e-mail and Telegram afterwards. The conversations that I’ve had afterwards were …

Android Malware Decryption Analysis

This is the first Malware Analysis I’ve posted; more will follow in the future. The malware has two layers of encryption which I’ve decrypted and analysed. In the report is a link to my GitHub repository for an automated decryption tool. The report can be downloaded here.

Capricorn: the header update

Malware is always changing and evolving, and so should anti-malware solutions. Because of the nature of the anti-malware solutions, they’re always ‘defending’ a system: only after the user downloads or executes something, the solution interacts with the newly created file or process. Based on sample analysis, new mitigation techniques are created and deployed. Ideally, one …

Two new whitepapers added

Today, I’ve released my first two whitepapers. Both of them are about malware. A brief summary is provided for each paper, as well as a link to download them.

Understanding Malware: Malware is complex and relatively undocumented, since there is no profit to be made by documenting everything as if it were a software project. …

Absence

The last couple of months have not been filled with my absence, although it did look like that. In the time that I did not post anything, I have been working on multiple projects. These projects will be posted here once finished. The products are finished, I only have to add the extra Javadoc for …