While there are several frameworks for #reverseengineering that provide features we needed to see
through Wslink’s virtual-machine-based obfuscator, we used @MiasmRe in this project simply because
it’s actively maintained and we’re already familiar and satisfied with it. 4/5
@_trou_ It's more and more difficult to "manually" address problems generated by tools: 25 years ago, obfuscation, optimizations or even program size had "human size". Now, most of them are tool generated (even source code). So we also have to use tools to be able to solve them.
Little update: based on the great @NCCGroupInfosec blog post (https://t.co/p1yqEKuxiZ), we added color support for IR and ASM graph output. Thank you guys!
I finally decided to publish my complete toolset written for Tinynuke analysis
You'll find config and injects grabber, dll extractors, Ghidra deobfuscation scripts and @cea_sec miasm based scripts
https://t.co/p0G9F9VCXC
#Tinynuke #ReverseEngineering #Malware
@crackin76726107 Hum, as Miasm is a framework, I would answer "as the user has decided to implement it" :)
To be honest, the picture gives nearly no clue. Is it code flattening?
@BincatLady @moyix Yes, the core algorithms are re-coded in Rust to improve speed (Jitter / Lifter / code analysis / ...) and to clean APIs a bit :)
But bindings allow python scripting currently!
Giving the workshop on code deobfuscation was great fun. Thanks for your active participation! #HITB2021AMS
Check out code, slides and samples here: https://t.co/t9Iyowl0Zf
Congratulations, you both succeeded in:
- resolving the challenge
- writing a great tutorial on how to add a custom architecture in Miasm & exploit the IR!
Writeup for FCSC CTF 2021 - 'VMV'
"Defeating Nested Virtualization with @MiasmRe"
https://t.co/P6PzwceLDn
I explain how to write a custom architecture in Miasm and then use some pattern detection logic to solve the challenge.
This took most of my time. Hope you guys like it!
If you want to learn more about control-flow graph construction, analysis and loop detection, check out my slide deck. I also wrote a blog post on how these concepts can be easily explored with @MiasmRe.
https://t.co/JQB9girC7l
A good example of automatic code deobfuscation based on pattern matching is stadeo by @ESET. They use @MiasmRe to automatically remove control flow flattening for the Stantinko malware family.
https://t.co/KbZ2UpR8SC
@mr_phrazer @r2gui Great workshop Tim!
Hopefully, IR translation/symbolic execution/z3 translation will be nearly instantaneous in the @rust version of miasm ;)
Friday, 19:00 GMT+2 at #r2con2020:
In a live coding, I will use @r2gui and @MiasmRe to automatically identify and remove opaque predicates in an APT malware sample.
Check it out: https://t.co/aSfOpbfUCy
Emulating the NotPetya bootloader with @MiasmRe, an article by @la_F0uin3 and myself, translated from an article originally published in @MISCRedac:
https://t.co/WDV0ERuaL1
Code available here: https://t.co/FhM3beStY1
I am missing something here. On Windows 10 15063:
- In kernel32, IsProcessCritical is an export redirected to api-ms-win-core-processthreads-l1-1-2.IsProcessCritical
- no ApiSet entry for this dll
- in this dll, IsProcessCritical is... a redirected export to kernel32.IsProcessCritical
@rh0main If I don't mess up, api-ms-win-core-processthreads-l1-1-2 is not present in the ApiSet, and it's present on the disk (in the downlevel subdir). So I definitely miss something here.