Mastodawn

radare

1d ago

cryptax 1d ago

W32/SkyAI uses AI? So do I.

Read it here https://cryptax.medium.com/w32-skyai-uses-ai-so-do-i-d33f04d63534

What's in there?

- Where the malware loads the AI prompt, and what for. And why it fails.
- How to de-obfuscate strings
- Which URLs the malware contacts (beware)
- How to find the encryption key with AI
- How to extract (and decrypt) the embedded PE
- R2ai tips when curl argument is too long
- How the malware checks if it's on a VM
- How much this analysis cost.

Enjoy!

#malware #analysis #r2ai #skynet #topozuy #skyai #AI

W32/SkyAI uses AI? So do I. - @cryptax - Medium

A new sample, named W32/SkyAI (or Topozuy, or Skynet), has recently emerged, showing use of a AI prompt bypass attempt. Perfect occasion to look into with … r2ai! It’s the Radare2 plugin for…

Medium

Here’s a little spoiler of my next #r2tv video. What do you think it will be all about?

radare

5d ago

r2pm now supports python virtual environments. This means that if you install the "python" r2pm package, you can then run 'r2pm -r pip install' and get all the deps into the associated pyenv in your home. https://github.com/radareorg/radare2/commit/8df7b0a7927473592643f7eca24346d87547c94d

Support python virtual environments ##r2pm · radareorg/radare2@8df7b0a

UNIX-like reverse engineering framework and command-line toolset - Support python virtual environments ##r2pm · radareorg/radare2@8df7b0a

GitHub

📦acr-2.2.2 is out! This new release just comes with improvements for the meson wrap support for GNU Make. https://github.com/radareorg/acr/releases/tag/2.2.2

radare

6d ago

r2analyze is a plugin for #radare2 that integrates #intezer malware analysis platform results into the currently running session. https://intezer.com/blog/radare-plugin-automate-reverse-engineering/

🔥 As long as every recording is a new experiment, I decided draw the thumbnail by hand and make a shorter recording (9min) I would love to hear from you to choose the best length and topics to cover #r2tv #vtuber

📺 👉 https://www.youtube.com/watch?v=N31bwZ2c2cc

r2tv shorts - Installing new plugins for radare2 with r2pm

YouTube

📦 In my last video for r2tv I introduce r2pm, the package manager. Learn about how to create, search and install plugins and tools for @radareorg!

📺 👉 https://youtu.be/DbVBbxOL7KY (20min) #radare2

🚀 Ghidra users! Looking for more power & flexibility in your reverse engineering workflow? Try ghidra-r2web — the plugin that lets you attach multiple Radare2 instances to your main #Ghidra session!
We need ideas, bug reports, feature requests and contributors to make this plugin shine! https://github.com/radareorg/ghidra-r2web

GitHub - radareorg/ghidra-r2web: Ghidra plugin to start an r2 webserver to let r2 interact with it

Ghidra plugin to start an r2 webserver to let r2 interact with it - radareorg/ghidra-r2web

GitHub

radare

Jun 26

🚨Friendly reminder: The #CFP for #r2con2025 is still OPEN! There's plenty of time before October 24th, but if you want to talk about anything related to #radare2, please submit your talk ASAP! ✨ Let’s make this edition even better! 🚀 #infosec

👉 https://radare.org/con/2025/

radare

Jun 26

🚀 Ghidra users! Looking for more power & flexibility in your reverse engineering workflow? Try ghidra-r2web — the plugin that lets you attach multiple Radare2 instances to your main #Ghidra session!
We need ideas, bug reports, feature requests and contributors to make this plugin shine! https://github.com/radareorg/ghidra-r2web

GitHub - radareorg/ghidra-r2web: Ghidra plugin to start an r2 webserver to let r2 interact with it

Ghidra plugin to start an r2 webserver to let r2 interact with it - radareorg/ghidra-r2web

GitHub

Website	https://www.radare.org
GitHub	https://github.com/radareorg/radare2
Discord	https://discord.gg/YBey7CR9jf
Conference (Oct 24,25)	https://radare.org/con