Now live: a GUI for Step CA that lets you visualize all issued certificates; it also lets you create "invitations" to easily onboard (even non-technical) people onto your private CA through a friendly web-based flow.
GitHub icedevml/tinypki:
https://t.co/xzkWOFGNoN
We have just published a new blog article on the topic of ClickFix/fake CAPTCHA campaigns.
Step-by-step overview of the infection, malware analysis, IoCs and YARA rules to help secure your own infrastructure.
🔗 https://t.co/j8GZhlzq0m
Logging in to #KSeF from Python using a PKCS#11-compliant key, e.g. a qualified signature/seal in the form of a smart card, USB token or HSM. It also lets you host the keys for KSeF-issued certificates in an HSM, or use a key stored on disk in PEM format.
https://t.co/nUz9zNwDyw
🔍 Have you tried monitoring certificate transparency logs lately and found existing tools or libraries disappointing?
✅ Fear not! We're releasing a better one, with tiled format support, async operations, state persistence and an easy-to-use API.
🔗 https://t.co/ouU7Zn6XAO
My new post about #malware #deobfuscation - https://t.co/8Iw3ytgIUa. I focus on the simple - but powerful - technique of local substitutions. Uses #ghidra and ghidralib. Thx @nazywam for review.
I analyzed thousands of messages from 35+ suspected state-sponsored hacktivist groups using machine learning—uncovering hidden connections through writing styles, language and topics.
After a year of research, here’s what we found and how we did it. 👇
https://t.co/KUnIhAmuRa
1/
Ghidralib development continues: py3 support, binary/asm patching, and symbolic propagation: https://t.co/dYKqRjADju. I also write docs for people who want to try it. Newest chapter: emulation https://t.co/XNgVL3uoww
#ghidra #reverseengineering
@fles_on No worries, it was easy to miss. Actually I forgot it was there and almost uploaded it for the second time. I hope it's useful. As for the band, hard question. Probably "Death" (Chuck Schuldiner's band).
RULECOMPILE - Undocumented Ghidra decompiler rule language. A blog post about how frustration with poor decompilation led me to dive deep into Ghidra's decompiler to discover (and reverse-engineer) - an obscure, undocumented DSL
https://t.co/Xh107IknTa
#reverseengineering #ghidra
@fles_on Sure! It's already there: https://t.co/5yY16lkCKj. (This is a small example binary with that obfuscation recreated, I can't share the original sample)
🚀Excited to announce ghidralib - a library that makes #Ghidra scripts drastically shorter and easier to write. I've been using it daily for #reverseengineering and decided it’s time to share! Check it out: https://t.co/dYKqRjADju And the docs: https://t.co/OosH9VIALT #infosec
Hi #Ghidra users. I've created a quick search/command palette/launcher plugin called "Ctrl+P". You can search for functions, labels, data, bookmarks, focus windows, launch scripts and trigger available action.
https://t.co/qViShbSd2m
#reversing #reverseengineering #infosec
🚨 Watch out for fake ads on major online platforms!
Scammers still effectively bypass verification mechanisms, and the platforms struggle to stop them.
What kinds of scams are there, and why do these mechanisms fail? 🤔
🔍➡️ https://t.co/kzrfTNw8SR
@jciesz @PrzJar @MagdalenaGawin1 @kultura_gov_pl "since you agreed to it, you must have felt that they were not OK, right?" - I'm impressed.
A: hand over your wallet or else!
B: [hands it over]
A: "since you handed over your wallet, you must have felt the need to share, right?"
[PL] Besides Paged Out!, today we also released an interview with Poland Can Into Space, i.e. (@p4_team + @DragonSectorCTF + friends) about HACK-A-SAT 4:
↓↓↓
https://t.co/Y2owucLLuq
↑↑↑
@PELock Thanks! Yeah, I'm quite happy with it. IMO it's more robust than the technique Checkpoint used (https://t.co/iRfrH47kUU). DotRunpeX may be a state of the art .NET protector, but it's very hard for packers/protectors to evade dynamic analysis.
What's the first step of dynamically unpacking obfuscated .NET malware? Writing your own debugger, of course.
A story of unpacking the recent .NET stealer campaign: https://t.co/nra3snjqsM.
(Going to start posting more writeups soon, stay tuned)
Slides (PL) from my presentation yesterday at @OMHconf #ohmyhack are here: https://t.co/ysCVVe6syL. I've talked a bit about my recent research about stealers in a - hopefully - approachable way.
I had the pleasure to conduct a 1.5 day #workshop about Threat Intel Pipelines and CTI to a room full of security experts during the #ITU Interregional #Cyberdrill for Europe and Asia-Pacific. I hope everyone had fun and maybe see you at the next Cyberdrill.
@1devlife No worries :). If time allows, I'll try to publish my writeups from my solutions when this Flare-On ends. Other than that I don't have any good resources to point to.
Finished my #flareon10 today! Fun fact: I used #Ghidra exclusively (no Ida) to solve almost all challenges (two exceptions: Android and PDP-11 Forth). It works great.