brk, a.k.a. @evanrichter

Security, Rust, Reverse Engineering, CTF with PwnFirstSearch
github: https://github.com/evanrichter
bird: @evanrichter
CTF: bigrick

i don't see enough people with one of the best tool improvements i've ever made for reverse engineering, so i had to write a blog post about it!

https://simonomi.dev/blog/color-code-your-bytes/

your hex editor should color-code bytes

#Rust crates that vendor C code and build it in their build.rs should *not* make them the default. Instead they should attempt to use the system one and bail if that fails, with an error asking people to enable a feature flag to use the vendored dependency. "It just works" invisibly means that people can be unaware that they are including vendored code or that their platform's system packages aren't properly set up.
#RustLang

It's time to wrap things up! On Monday at 4 pm MST, I'll be streaming my PhD defense! Come one, come all!

The talk is titled "Toward a Science of Software Reverse Engineering".

Twitch: https://www.twitch.tv/maha1oz/schedule?seriesID=31a496ab-a842-483c-a825-808a53df601a

One of my favorite features of the Baochip-1x is the BIO. It's an I/O coprocessor that is based on the PicoRV32, with custom register extensions to allow direct access to GPIOs from the ISA.

Read more about the BIO at this blog post: https://www.bunniestudios.com/blog/2026/bio-the-bao-i-o-coprocessor/ I go in-depth into the architecture and its trade-offs relative to the PIO, and conclude by working through a couple of coding examples.

It's been a monumental effort, but we are finally OpenSSL free in the whole Kanidm stack - compact_jwt, hsm/tpm, webauthn-rs, kerberos/libkrimes and today Kanidm itself.

I've released difftastic 0.68! A smaller update, but still worth upgrading:

* Improved Bash, C, Go, Lua, Nix, Perl, Python, Rust, Scala, Swift and YAML parsing.
* Minor display and git compatibility fixes.

https://github.com/Wilfred/difftastic/releases/tag/0.68.0

raven-uxn now has an x86-64 assembly backend (yay!)

and it's about 2x faster (yay!!)

and the first draft was written by Claude (booo!)

and then I rewrote most of it, which made it even faster (yay!)

and introduced a memory corruption bug (booo?)

which Claude is better at debugging than I am (.......?)

--------

if you too have complicated feelings about our robot buddies, you may enjoy my writeup:

https://www.mattkeeter.com/blog/2026-03-15-uxn/

An x86-64 backend for raven-uxn

Porting 2000 lines of ARM64 assembly to x86-64, with the help of a robot buddy

This is quite awesome - successful Xbox One ROM glitching, by Markus "doom" Gaasedelen: https://www.youtube.com/watch?v=FTFn4UZsA5U

Congratulations!

RE//verse 2026: Hacking the Xbox One by Markus 'doom' Gaasedelen

~6 months ago I posted about how a LiveCTF competitor won a few challenges with an AI bot in the background.

Since then, I've been seeing versions of the "LLMs have ruined CTFs" discussion occur in bits and pieces, but haven't found anything consolidated... are there any good writeups or discussions out there?

Particularly interested in the area of "what LLMs are not good at" or even anti-LLM techniques beyond attempting prompt injection.

mom take me home, there are people who use nano on here