Marc Rivero

🌍 Geopolitics & Cyber Intel | 🧠 Pro Reverse Engineering | 🔎 Geostrategy Analyst | 💻 Fighting cybercrime and APTs | 🚀 All posts are my own.
#DRCOV coverage import support added. You can now load drcov traces via the analysis plugin (a:drcov) to mark executed blocks and improve static analysis based on coverage data.
Special thanks to @pancake for the support during the review @radareorg https://github.com/radareorg/radare2/pull/25275
##debug Add DRCOV trace import by seifreed · Pull Request #25275 · radareorg/radare2

Summary add DRCOV coverage import as analysis plugin (a:drcov) parse drcov v2 files and mark traced basic blocks load sample from testbins (drcov/drcov.sample) Testing r2r test/db/archos/linux-x...

Guarding Against Physical Attacks: The Xbox One Story (2019) | Hacker News https://news.ycombinator.com/item?id=46477121

A Game's Memory: Reverse Engineering Mount and Blade: Warband | Hacker News https://news.ycombinator.com/item?id=46474202

🚀 Introducing #r2morph, a metamorphic binary transformation engine built on @radareorg + #r2pipe.
It applies semantic mutations (NOPs, instruction swaps, dead code, opaque predicates…) without breaking functionality.

🧠 Perfect for research on evasion, obfuscation & malware analysis.

🔗 https://github.com/seifreed/r2morph

#malware #obfuscation #forensics #radare #radare2

GitHub - seifreed/r2morph: A metamorphic binary transformation engine based on r2pipe and radare2.

Hello #IDAPro users!

Something crazy is being developed; finally we will enjoy having a @radareorg shell inside #idapro

Stay tuned!! Cc @pancake

#malware

🎉 Excited to release #r2inspect - my malware analysis framework using @radareorg

🔍 Analyze PE files with 28+ modules
🛡️ Detect packers, crypto, anti-analysis
📊 Export to JSON/CSV
🐳 Docker ready

Free & open source 🔓
Check it out 👉 https://github.com/seifreed/r2inspect

#opensource #malwareresearch #blueTeam

GitHub - seifreed/r2inspect: Advanced Malware Analysis Tool using Radare2 and r2pipe
🚀 Meet #YARAAST 0.3, an all-Python CLI & lib that turns YARA rules into an AST for rapid linting, diff, metrics & auto-formatting. Built for CI/CD & threat hunters.
pip install yaraast
Check the repository:
https://github.com/seifreed/yaraast
#infosec #DFIR
GitHub - seifreed/yaraast: A powerful Python library and CLI tool for parsing, analyzing, and manipulating YARA rules through Abstract Syntax Tree (AST) representation
Computer engineer interested in #cybersecurity and #reverseengineering looking for a job.
Maybe I do not have the skills, but one thing I can say is that I’m pretty good at getting my shit done, even if it is something new to me.
#jobsearch
GOFFEE continues to attack organizations in Russia https://securelist.com/goffee-apt-new-attacks/116139/
Kaspersky researchers analyze GOFFEE’s campaign in H2 2024: the updated infection scheme, new PowerModul implant, switch to a binary Mythic agent.
Attackers distributing a miner and the ClipBanker Trojan via SourceForge https://securelist.com/miner-clipbanker-sourceforge-campaign/116088/
Malicious actors are using SourceForge to distribute a miner and the ClipBanker Trojan while utilizing unconventional persistence techniques.