Karol Trociński

@karoltrocinski

Security Research & Development

20 Followers, 113 Following, 3 Posts, Joined 18.11.2024
Latest posts by Karol Trociński @karoltrocinski

New #PEsieve & #HollowsHunter
(v0.4.0) are released: github.com/hasherezade/... & github.com/hasherezade/... - A lot has changed in the new version, check it out!

14.12.2024 16:33 👍 45 🔁 18 💬 0 📌 0

LIEF 0.16.0 is out featuring new (extended) capabilities like Dyld Shared Cache support, Assembler/disassembler, ...

lief.re/blog/2024-12...

10.12.2024 11:24 👍 9 🔁 5 💬 0 📌 0

On the 1st of December, the notorious Socks5Systemz payload server hosted at AS57678 (Cat Technologies 🇭🇰) that has already been active for several months started to serve a new version of Socks5Systemz ⤵️

🌐 urlhaus.abuse.ch/url/3189430/

This is the first major change since... ⬇️

05.12.2024 10:45 👍 2 🔁 1 💬 1 📌 0
VirusTotal moves to YARA-X When I began developing YARA-X, my primary goal was to create a tool capable of eventually replacing YARA for serious, professional use.

virustotal.github.io/yara-x/blog/...

04.12.2024 16:52 👍 18 🔁 4 💬 1 📌 1

Ready for the Advent of Radare?
❄️🗓️ > radare.org/advent
Starting tomorrow, December 1st we will release every day a new article with general knowledge, tricks, scripts and challenges to solve with radare2 covering topics from #aor24 #reverseengineering

30.11.2024 16:29 👍 16 🔁 10 💬 0 📌 0
advent-of-code/2024/ocaml/lib/day01_1.ml at main · danielstocks/advent-of-code :santa:🎄Yeehaaaaaa. Contribute to danielstocks/advent-of-code development by creating an account on GitHub.

Advent Of Code OCaml, Day 1, Part 1 - Done. That was fun!

Code review anyone? :D

github.com/danielstocks...

01.12.2024 10:45 👍 23 🔁 3 💬 3 📌 0

Yeah, I actually really enjoy it. I did a bunch of exercises from the OCaml website, then wrote a small HTTP server using the CoHTTP library and so far it's a really nice experience, completely mind bending but fun

01.12.2024 11:40 👍 2 🔁 0 💬 2 📌 0

Which language? I've chosen Ocaml this year and oh boy, that's an adventure 😂

01.12.2024 11:27 👍 1 🔁 0 💬 1 📌 0
UDRL, SleepMask, and BeaconGate I've been looking into Cobalt Strike's UDRL, SleepMask, and BeaconGate features over the last couple of days. It took me some time to understand the relationship between these capabilities, so the aim...

[BLOG]
This post summarises how to tie Cobalt Strike's UDRL, SleepMask, and BeaconGate together for your syscall and call stack spoofing needs.

rastamouse.me/udrl-sleepma...

30.11.2024 02:05 👍 31 🔁 16 💬 0 📌 0
Bootkitty: Analyzing the first UEFI bootkit for Linux ESET's discovery of the first UEFI bootkit designed for Linux sends an important message: UEFI bootkits are no longer confined to Windows systems alone.

#ESETresearch reveals the first Linux UEFI bootkit, Bootkitty. It disables kernel signature verification and preloads two ELFs unknown during our analysis. Also discovered, a possibly related unsigned LKM – both were uploaded to VT early this month. www.welivesecurity.com/en/eset-rese... 🧵

27.11.2024 08:34 👍 29 🔁 17 💬 1 📌 1

Prefer Rust to C? There's no reason your decompilation has to necessarily target C as the output. With our Language Representation UI/API in 4.2 you can see all your decompilation as Rust instead.

22.11.2024 17:03 👍 24 🔁 4 💬 2 📌 0

📚 “Comparing binaries with radiff2” - a video tutorial by Mohamed Atta Abozaid (Egypt)

👀 video youtu.be/RsI8hNhsi_U
👉source github.com/ReEng101/Bin...

#radare2 #reverseengineering #BinaryDiffing

24.11.2024 07:34 👍 12 🔁 4 💬 0 📌 0
Reverse Engineering iOS 18 Inactivity Reboot Wireless and firmware hacking, PhD life, Technology

Nice reverse engineering work to uncover the workings of iOS 18’s inactivity reboot. naehrdine.blogspot.com/2024/11/reve...

17.11.2024 23:27 👍 107 🔁 26 💬 1 📌 3

I'd love to try! Haven't done any functional programming so it seems like it would be a nice challenge 🐫

19.11.2024 13:50 👍 1 🔁 0 💬 1 📌 0