| π Chip Security Testing | Side-Channel, Fault Injection, Failure Analysis |
| π Binary Analysis | Vulnerability & Malware Research |
| Website | https://eshard.com/ |
A malicious MKV opens in VLC. A fake calc.exe pops up: "We've got you."
An AI agent made an MCP trace-driven analysis and reconstructed the full exploit chain, use-after-free, heap spray, ROP chain, shellcode, from a single CPU trace.
πhttps://www.eshard.com/blog/vlc-media-player-mkv-exploit-analysis
#exploit #reverseengineering #binary
Live session with @pqshield: physical attacks on post-quantum crypto, a CPA attack on ML-KEM, and how to harden your defenses.
Limited seats π https://zoom.us/meeting/register/NIX4FovvREe3n6KJ2JbrqA
#pqc #hardware
Quantum-resistant algorithms are arriving in real devices; but physical attacks may already undermine them. eShard and PQShield explore whether side-channel and fault injection attacks pose a real-world threat to PQC implementations, with a live walkthrough of a CPA attack on ML-KEM and first-step countermeasures. Speakers: β Rafael Carrera Rodriguez, Hardware Security Analyst, eShard β Dr Adrian Thillard, Principal Security Analyst, PQShield (ex-Ledger Donjon, ex-ANSSI) Live, interactive session. Limited capacity β register now.
RE: https://infosec.exchange/@eshard/116527507587211806
Thanks for joining our live! Recording is up at the same link. Just reply here or comment there if you have any questions.
Join us tomorrow! We'll go live to talk about AI, reverse engineering, time travel debugging, and more: https://youtube.com/live/RaZrX0PX4kI
π Click the bell so you don't miss it!
#ai #reverseengineering #cybersecurity
Copy.fail is a new Linux kernel privilege escalation vulnerability sitting undetected since 2017, and it has been discovered using AI.
We analyzed it the same way. Locally.
π https://www.eshard.com/blog/copy-fail-internal-llms #Linux #CVE #AI
Join us next week for an open conversation about the role of AI in reverse engineering:
π΄ https://www.youtube.com/live/RaZrX0PX4kI
π Click the bell so you don't miss it!
AI can work great at static analysis, but it fails at at dynamic analysis because runtime data is a moving target.
The only way to solve this is to change the data format: turn dynamic execution into static data.
π https://www.eshard.com/blog/dynamic-analysis-ai-problem #cybersecurity #reversengineering #ai
Last seats for our #TyphoonCon 2026 training in Seoul! π°π·
ππ²π²π½ ππΆππ² πΆπ»ππΌ ππ»π±πΏπΌπΆπ± ππΆπ»π±π²πΏ
ποΈ May 27 - 29
Register for this training and get a FREE main conference pass! Reply to claim.
π http://www.eventbrite.com/e/1968561639857/?discount=eShard_sponsors
#reverseengineering #AndroidSecurity #cybersecurity
We built a CTF challenge designed to be painful to reverse engineer. Then an AI agent solved it in 6 minutes.
Try it yourself before reading how π https://ttd.eshard.com
Full write-up: https://www.eshard.com/blog/ring0-ring3-key-validator-time-travel-debugging
#CTF #reverseengineer #hacking
eShard
