Cisco Talos Blog

May 28, 2020 10:59

Dynamic Data Resolver (DDR) — IDA Plugin 1.0 beta

10/20/20 Update: A new version of this software and associated blog can be found here. Executive summary: Static reverse-engineering in IDA can often be problematic. Certain values are calculated at run time, which makes it difficult to understand what a certain basic block is d

August 28, 2019 10:59

RAT Ratatouille: Backdooring PCs with leaked RATs

Executive summary: Orcus RAT and RevengeRAT are two of the most popular remote access trojans (RATs) in use across the threat landscape. Since its emergence in 2016, various adversaries used RevengeRAT to attack organizations and individuals around the world. The source code asso

July 1, 2019 11:20

RATs and stealers rush through “Heaven’s Gate” with new loader

By Holger Unterbrink and Edmund Brumaghin. Executive summary: Malware is constantly finding new ways to avoid detection. This doesn't mean that some will never be detected, but it does allow adversaries to increase the period of time between initial release and detection. F