Description
This site is a place where I would put things that I have learnt along the way :D
Malware Analysis
Sample Analysis
- 25 Apr 2025 - Simple Removal of Disruptive Adware-ish APK
- 23 Feb 2025 - Analysis on Destructive MEMZ’s Master Boot Record (MBR)
- 01 Mar 2025 - Taking a look into NotPetya’s MBR Corruption
- 18 Jun 2024 - Opaque Predicate Control Flow Deobfuscation- ICEDID
- 20 May 2024 - A Quick Look at BlackWood DLL Loader
- 17 Aug 2022 - My First Malware Sample Analysis
Malware Techniques
- 15 Nov 2024 - How CHM Files Are Used and Misused by Bad People
- 01 Nov 2024 - Loading and Executing .NET Binaries from Unmanaged Applications
- 05 Sep 2023 - Relocation Table and Import Address Table (IAT) in Reflectively Loaded PE File
- 13 Jun 2023 - Quick Study of Bring Your Own Vulnerable Driver (BYOVD)
- 09 Sep 2022 - Understanding 64 bits Windows 10 Shellcode (Calc.exe) - Part 2
- 08 Sep 2022 - Understanding 64 bits Windows 10 Shellcode (Calc.exe) - Part 1
- 06 Sep 2022 - DudeLocker (Flare-on 2016) - RVA and Import Descriptors
Capture The Flag
- 21 Oct 2024 - TISC 2024 - Challenge 8 (Wallfacer)
- 26 Mar 2023 - Alien Saboteaur - HTB Cyber Apocalyse 2023
- 26 Sep 2022 - DUCTF2022 - EZPZ RE + Pwn
- 12 Nov 2022 - Flare-on 9 - Challenge 9 and 11
N-Day Analysis
- 06 May 2022 - A Case Study of an Incorrect Optimization in V8
- 16 Oct 2020 - Analysis & Exploitation of a Recent TP-Link Archer A7 Vulnerability
- 07 Aug 2020 - ASUSWRT URL Processing Stack Buffer Overflow
- 12 Jul 2020 - CVE-2020-6418 - V8 Type Confusion Bug
Presentation Materials
- 06 Sep 2024 - ( ZettelKasten ) Obsidian Note Taking Tour
- xx xxx 202x - Using Partial Emulation for Malware Analysis
- 06 Apr 2022 - Case Study of Incorrect Optimization of Bitward & Operation in V8
Origami
- 17 Nov 2022 - Origami Scorpion Design from Start to Finish
Misc. Learning
- 13 Feb 2025 - Late Night Experimentation with OpenGrep
- 18 Nov 2024 - What happen When We SYSCALL?