Archives

July 2024

• 02: Please excuse the mess! (11)
• 01: Another update to Enigma Virtual Box unpacker (25)

January 2024

• 16: Happy 2024! (49)

December 2023

• 29: Flare-On 9 medal has arrived! (1)

March 2023

• 05: Updated Enigma Virtual Box unpacker (again) (38)

January 2023

• 29: Updated EnigmaVB unpacker (4)

November 2022

• 06: Solving 0x777h’s crackme (4)

August 2022

• 12: How security plugins for Autoplay Media Studio fail, pt.2 (9)

July 2022

• 19: How security plugins for Autoplay Media Studio fail (15)

February 2022

• 04: Flare-On 8 prize has just arrived! (2)

December 2021

• 31: Update of unpackers (77)

June 2021

• 24: WordPress Fancy Product Designer exploit (14)

April 2021

• 22: Kaswara exploit or how much Wordfence cares about user security (6)

January 2021

• 29: Solving RTN CTF challenges (8)

September 2020

• 04: Hacking resources for fun and no profit, part 1 (15)

August 2020

• 15: Deobfuscating AutoIt scripts, part 2 (14)

July 2020

• 21: July update for Molebox unpacker (43)

June 2020

• 19: Another update of Molebox unpacker (20)
• 04: Stealing WordPress credentials (5)

May 2020

• 10: Update of unpackers (44)

April 2020

• 08: About the long silence (28)

June 2019

• 19: June update of unpackers (42)

April 2019

• 21: My password is “password” (4)
• 13: Unity3D protection in “AU2” dance games, part 2 (2)
• 13: April update of unpackers (21)

March 2019

• 01: March update of unpackers (57)

February 2019

• 13: uBlock silently enables Acceptable Ads for everyone (10)
• 11: Unity3D protection in Moonton games, part 2 (15)

January 2019

• 05: Comment spam abuses Google Drive and bypasses Akismet (8)

December 2018

• 29: Unity3D protection in “AU2” dance games (10)
• 21: December update of unpackers (36)
• 11: Changes in the blog (8)
• 10: Changes in Chrome 71 break Gmail. (7)

November 2018

• 19: Unity3D/Mono protections, part 4 (24)
• 12: Unity3D protection in Moonton games (11)

October 2018

• 31: Unity3D, Mono and invalid PE files, part 2 (12)
• 25: October update of unpackers (10)
• 18: Why morons shouldn’t be writing about security, part 4 (4)
• 16: About FLARE 2018 (6)

September 2018

• 30: September update of unpackers (38)

June 2018

• 26: x64dbg – 2 years later.. (6)

May 2018

• 15: Unity3D, Mono and invalid PE files (17)

April 2018

• 24: About City of Atlanta and ransomware (4)

February 2018

• 27: February update of unpackers (49)

January 2018

• 10: F00F bug or why morons shouldn’t be writing about security (again) (3)

December 2017

• 20: December update for unpackers (64)

November 2017

• 21: Running WinDbgX on Windows 7 (15)
• 02: Complicated state machines – or how Unit42 “discovered” .NET Reactor (5)

October 2017

• 14: About FLARE 2017 (10)
• 07: LabyREnth 2017 CTF Prizes (0)
• 04: October update to Molebox unpacker (4)

September 2017

• 05: MSDN is sometimes wrong (2)

August 2017

• 22: Yet another update to Molebox unpacker (0)
• 19: Use of syscall and sysenter in VMProtect 3.1 (20)

July 2017

• 20: Fix Backspace in Google Chrome (5)

June 2017

• 02: Enigma’s EP_CryptDecryptBuffer internals (3)

May 2017

• 12: VMProtect and dbghelp.dll bug in export processing (3)

April 2017

• 28: Flare-On prize has (finally) arrived (3)
• 21: Updated Enigma VirtualBox unpacker again (30)

March 2017

• 24: Cybellum – next gen cyber company (it’s not) (3)
• 09: Recovering data from faulty HDD (10)

February 2017

• 16: NetBalancer: should you trust it? (11)
• 06: Updated Molebox unpacker (134)
• 01: Moving to a new host (3)

January 2017

• 26: Abusing Microsoft-signed executables (4)
• 18: Blog not dead (20)
• 17: LabyREnth CTF Prize (0)

December 2016

• 02: Deobfuscating AutoIt scripts (23)

November 2016

• 15: Why morons shouldn’t be writing about security, part 2 (4)
• 07: About FLARE 2016 contest (1)

September 2016

• 27: Why I’m not using x64dbg (30)
• 21: IDA bug in PE export processing (1)

August 2016

• 17: Gone for summer vacation (7)
• 01: Breaking B0rken ElGamal KeygenMe, part 2 (3)

July 2016

• 22: Breaking B0rken ElGamal KeygenMe by SmilingWolf (4)

June 2016

• 28: Bugs in Enigma Virtual Box (9)
• 20: Six-factor authentication (it’s not) (0)
• 08: What’s wrong with this file – ASLR is tricky! (6)
• 06: CFF bug in RVA2Offset (8)
• 03: Quickpost: addicted to meaningless jargon (4)

May 2016

• 31: BTVStack.exe requesting access to Skype on every startup (3)
• 20: Beautiful code (1)
• 16: Quickpost: application reversing becoming legal in USA? (0)
• 03: CFF bugs in processing managed resources (8)

April 2016

• 29: I bought a software today… (5)
• 28: Quickpost: updated EnigmaVB unpacker (45)
• 21: JS-boobytrapped ZIP files, or why morons shouldn’t be writing about security (6)
• 19: Quickpost: how Hacking Team was hacked. (0)
• 19: One month with Avast (11)

March 2016

• 24: MoleBox goes out of business (96)
• 11: About .NET, googling and lazy programmers. (6)

February 2016

• 16: Updated Meltdown and EnigmaVB Unpacker (34)
• 10: How to lose 20% of your readers in one day (5)

January 2016

• 20: Is your password ‘123456’? Mine too! (1)
• 16: Local Privilege Escalation Bug in Faronics Deep Freeze (2)
• 16: Updated Faronics DeepFreeze and Meltdown (45)

December 2015

• 05: Since you asked.. How to obtain value of a field using WinDbg? (1)

November 2015

• 12: Why do antiviruses suck, part 2 (5)
• 05: Keygen templates in Visual Studio (2)
• 03: “Unlimited storage” Microsoft-style (7)
• 02: Solving “Find the flag” crackme by Extreme Coders (12)

October 2015

• 22: Static unpacker for AutoPlay Media Studio files (80)
• 01: AdBlock joining “Acceptable ads” program (13)

September 2015

• 24: Volkswagen and their emission cheating software (3)
• 23: Why do most antiviruses suck? (5)

August 2015

• 31: Let’s say something good about Google Chrome (0)
• 21: Dancing pigs – or how I won my fight with Google Chrome updates (63)

July 2015

• 28: Why you should wait on upgrading to .Net 4.6 (5)
• 23: Static Enigma Virtual Box unpacker, part 3 (20)
• 08: Fun with encrypted VBScript (1)

June 2015

• 29: Linking OMF files with Delphi (3)
• 19: Weirdness of C# compiler (4)
• 12: I won’t show you (1)
• 09: Excuse the mess #2 (0)
• 08: Analyzing malicious LNK file (2)
• 02: Since you asked.. How to inject byte array using dnlib (9)

May 2015

• 27: Static Enigma Virtual Box unpacker, part 2 (2)
• 25: Blogging is hard (11)
• 19: Static linking of Bassmod in Delphi (37)
• 13: Fixing choppy sound in Chrome within RDP connection (1)
• 11: Improving Meltdown (3)

April 2015

• 29: How to learn Reverse Engineering (18)
• 24: Sniffing correct serial in .NET crackmes (2)
• 16: About e-governments (0)
• 08: Catch me when you can (0)

March 2015

• 31: The malware arms race (0)
• 23: .NET, ScyllaHide and HEAP_CREATE_ENABLE_EXECUTE (1)
• 16: Fighting comment spam (9)
• 11: Miserable state of open source code (6)
• 10: Gigaom suspends operations (3)
• 05: Improved static Enigma Virtual Box unpacker (22)

February 2015

• 26: When software is good enough (0)
• 20: String decryption with de4dot (19)
• 16: Why you should not worry about HARES (2)
• 12: Rapidshare is closing. And nothing of value was lost. (0)
• 12: Freeware scam artists. And some real morons. (1)
• 11: I need adblocker for my.. TV! (3)
• 09: Writing good drivers is really hard, part 2 (1)
• 09: .NET exception “The remote certificate is invalid” (1)
• 07: Excuse the mess (2)
• 06: Don’t touch this – writing good drivers is really hard (6)
• 03: Control Flow Guard in Windows 8.1 and VS2015 (2)

January 2015

• 31: Improved CFF Explorer (0)
• 29: Improved dotNET Tracer (11)
• 27: Hello world! (5)