🇺🇦 Malware Researcher 🇺🇦
Posts are my own and do not reflect my employer.
mlget: http://github.com/xorhex/mlget
blog: https://blog.xorhex.com
twittodon: https://twittodon.com/share.php?t=xorhex&[email protected]

Threat hunting and malware analysis live! Let's find these naughty malware authors!

https://twitch.tv/cyberkaida

#VTuber #Malware #ReverseEngineering #ThreatHunting #URLScan #Ghidra

Getting close - 1 week until #BSidesCharm 2026! Plenty of parking will be available on-site in the parking garage - rate is $15/day

Ironically, S4 dropped my talk on vibe coding ICS malware on the same day that non-functional AI-slop OT "malware" is making headlines. It’s hype “malware” distracting us from real threats.

More to say, but it's Friday :) In the meantime, I hope you enjoy the talk.

https://www.youtube.com/watch?v=v0grXXc5zgw

Building FrostyGoop With The Help Of AI

RE: https://infosec.exchange/@dwmetz/116422294193472571

Thanks for the shout out @bakerstreetforensics.com 🫶

For those that have not checked out #MalChela, it's pretty slick. You can integrate your own custom python scripts into it, allowing them to be found and executed in one place 😀

https://github.com/dwmetz/MalChela#-adding-custom-tools

Obfuscation vs the Optimizer: An LLVM Middle-End Arms Race - Quarkslab's blog

How one Commit Broke Obfuscation: A blog post exploring the role of compilers and optimizations in the field of obfuscation and de-obfuscation.

Obfuscation vs The Optimizer: A Battle in LLVM Middle End.

@yates82 shows us how the continuous improvement of the LLVM optimizer defeats naive code obfuscation, and how the obfuscator can fight back.

An eternal fight in which all victories are ephemeral

https://blog.quarkslab.com/obfuscation-vs-the-optimizer-an-llvm-middle-end-arms-race.html

The FLARE Learning Hub is launching with three free courses:
- Malware Analysis Crash Course
- The Go Reverse Engineering Reference
- Introduction to Time Travel Debugging (TTD)
Start learning: https://github.com/mandiant/flare-learning-hub
#infosec #cybersecurity #reverseengineering

From the same author as BlueHammer we now have RedSun.

This works ~100% reliably to go from unprivileged user to SYSTEM against Windows 11 and Windows Server 2019+ with April 2026 updates, as well as Windows 10, as long as you have Windows Defender enabled. Any system that has cldapi.dll should be affected.

Olympic National Park Backcountry permits are open today.

Enchanted Valley is inaccessible due to multiple road washouts. TBD if it opens at all this year. Sol Duc area still has some mid-week availability. The Hoh and Grand Valley have plenty still available.

I'm planning a two night, newbie trip for September. Was going to do Enchanted Valley. Now I'm not sure. Might see if I can get Mt Margaret Wilderness again...

#backpacking #pnw

Missed a talk at Insomni'hack 2026? Good news: every session is now available to stream on our YouTube channel.

Watch your favourite topic: https://ow.ly/y8Tj50YJUhr

#Cybersecurity #Infosec #INSO26 #CyberConference