Come as you are 🏴‍☠️
Ralph Wiggum with a debugger
Mostly x86 things && ephemeral drunk shitposts
Hooked on Linux: Rootkit Taxonomy, Hooking Techniques and Tradecraft — Elastic Security Labs

In this first part of a two-part series, we explore Linux rootkit taxonomy, trace their evolution from userland shared object hijacking and kernel-space loadable kernel module hooking to modern eBPF- and io_uring-powered techniques.

Deep dive into some C++ concepts:

* Object Creation
* (Virtual) Inheritance
* Virtual Functions

And maybe more to come?

https://jinjucat.github.io/

#reverseengineering #cplusplus #cpp

JinjuCat’s blog

Over the past couple years, I have come to know the #dotnet platform pretty well, from a developer's and a #reversing standpoint.

I can’t always say the same about the #infosec community.

Today, I decided to rant a little (or maybe a lot 🙃)

👉 https://blog.washi.dev/posts/misconceptions-about-dotnet/

https://github.com/xKiian/datadome-vm

"This repository documents the first public version of DataDome's in-browser JavaScript virtual machine (VM) used in their CAPTCHA/interstitial flow."

#reverseengineering #vm #javascript

GitHub - xKiian/datadome-vm: Reverse engineering the new Datadome VM 🔥

Reverse engineering the new Datadome VM 🔥. Contribute to xKiian/datadome-vm development by creating an account on GitHub.

For those who have the pleasure to reverse Go binaries:

https://azhlm.netlify.app/note/golang/

#golang #reverseengineering

Reverse Engineering Go Binaries: A Comprehensive Guide to Metadata Analysis | Azhlm

Comprehensive guide to analyzing Go binaries through pclntab, moduledata, and type information extraction across versions 1.2-1.26.

I missed this one because of ~~beer~~ summer holidays.
Anyway, if you want to see what a Shellter-protected binary looks like:

https://www.elastic.co/security-labs/taking-shellter

#malware #reverseengineering #shellter

Taking SHELLTER: a commercial evasion framework abused in-the-wild — Elastic Security Labs

Elastic Security Labs detected the recent emergence of infostealers using an illicitly acquired version of the commercial evasion framework, SHELLTER, to deploy post-exploitation payloads.

How to write your first obfuscator of Java Bytecode - Quarkslab's blog

In this article I describe Java bytecode obfuscation, using one of the challenges I did in 2023 as part of the interviews with Quarkslab for the position of Java compiler engineer in QShield.

Rhadamanthys Loader Deobfuscation | cyber.wtf

An interesting (and fun!) read:

"How I Reversed Amazon's Kindle Web Obfuscation Because Their App Sucked"

https://blog.pixelmelt.dev/kindle-web-drm/

#reverseengineering #drm

How I Reversed Amazon's Kindle Web Obfuscation Because Their App Sucked

As it turns out they don't actually want you to do this (and have some interesting ways to stop you)

Cats with power tools