raw-data

Part 2 of the custom PE resources series: how to embed any binary as a resource in Visual Studio and extract it at runtime. https://t.co/eiyKeHjQnw

YARA-X 1.17.0 has been released. This time with the long-awaited `--fast-scan` option. https://t.co/bmmQP7Rp8A

Process Explorer has no driver file in its directory. It embeds the driver, and the 64-bit variant, as custom PE resources inside its own binary. Here's how that works: https://t.co/OiTrhB4UGZ

Spent some time battle-testing my LLVM Python bindings by building a basic lifter for x86: https://t.co/Z1T1073RkU

pyghidra-mcp v0.2.0 is out with new --gui mode. 👀 Your local LLM drives a real Ghidra CodeBrowser, not a plugin. New blog post shows firmware RE of the CVE-2024-3273 RCE chain with Gemma4. https://t.co/8ShfEIraXY

Repository is here (PRs welcome): https://t.co/oYwf1bmpkk Let me know if you find this handy :)

Binary Ninja 5.3 (Jotunheim) is released: https://t.co/jfRRcNRbYI Major highlights: NDS32 support, AArch64 ILP32 ABI, new Universal MachO UI, command palette upgrade, new type library helpers, ghidra export, updated IDB import, HW and conditional breakpoints, and much more!

Apple (copied BlockBlock 👀) and added ClickFix protections… but kept the good stuff private 😤 Reversed xprotectd to see how it really works and emerged with enough detail to build your own (kinda)! Read: No Paste for You! https://t.co/hoWodAY53h

The FLARE team now freely distributes its quality reverse engineering and malware analysis educational content at https://t.co/bGCIjBfD3C. Launched with: - Malware Analysis Crash Course - Go Reversing Reference - Intro to TTD