1. [Off topic] Steganography - Popularizing Sample Pair Technique for LSB embedding detection

    Recently I have been asked to create a script that randomly embeds a payload into an image using LSB embedding, and to create a function that could detect whether or not an image contains a payload. I have been doing research and I found that Sample Pair Analysis appeared to be the latest and the most efficient method to do so. I will try to explain it here, without all the maths that the papers I have been reading included. …


  2. [Write-Up] NorzhCTF - Secure Auth (666pts)

    Introduction …


  3. [Article] Random malware analysis & unpacking - Stage 2/3

    <- Random Malware Analysis & Unpacking - Stage 1/3 …


  4. [Write-up] Exceptions - ECW quals 2019

    I am taking a break from the binary I am currently analysing in Random Malware Analysis unpacking - Stage 1/3, as it takes me quite a lot of time to figure out some things for stage 2. Today I will be focusing on writing up my solution for Exceptions, a binary to reverse that was given at ECW prequals 2019. …


  5. [Article] Random malware analysis & unpacking - Stage 1/3

    Recently a friend of mine gave me some random malware samples, and I decided to analyse them and write up my findings here in order to improve my reverse engineering skills. Today, we’ll learn about: IDA Python, frida on PE, IDA structs generation, multiple packing techniques, one good old anti-dbg technique, and some win internals. …


  6. [Talk] Anti-disassembly techniques

    Today I was pleased to present a talk about disassemblers, their algorithm and their flaws. The talk presents common anti-disassembly techniques and compares their effect on different tools such as Ghidra, IDA and radare2. I made this talk as a hack2g2 conference at ENSIBS. …


  7. [Write-up] BetterDoorThanAnNT - RedPwnCTF 2019

    I made a write-up about the challenge BetterDoorThanAnNT from RedPwnCTF. This is my first look at Windows Internals, PEB and TEB. This write-up features some anti-disassembly techniques, dynamically resolved imports and some bonus about fixing a PE header. …