expy

@expend20

Joined February 2018

906 Following

723 Followers

281 Posts

3 months ago

Ported Polaris-Obfuscator from C++/LLVM 16 to Python on LLVM 21. 9 passes: encrypted flattening, modular-arithmetic predicates, pointer mazes, function merging, and an X86 MIR pass that makes IDA's decompiler hallucinate variables that never existed. https://t.co/eaQSD0ppKp

0

76

12

63

6K

3 months ago

Shifting Codes — open-source LLVM obfuscation passes ported from Pluto/Polaris/riscy-business to Python via llvm-nanobind. 17 passes, PyQt6 UI, works with modern LLVM 21. Blog post walking through Pluto obfuscations: https://t.co/BZWUrNopYD GitHub: https://t.co/BhHd1G5xV5

0

26

6

23

3K

10 months ago

@pentest_swissky @kmkz_security @two06 Great reading! Just curious what would you do if disassembly or just symbols would be several dozens of megabytes?

0

0

0

0

91

10 months ago

@ifsecure are there any info about Big Sleep itself?

1

0

0

0

173

Who to follow

Chrome GPU sandbox escape and Anroid Kernel Stuff.

A Singapore company that discovers vulnerabilities to help customers mitigate the risks of cyber attacks. Organisers of @offbyoneconf

@eternalsakura13

Lead Security Researcher @zellic_io. Top 3 Chrome VRP. Top 2 Facebook Whitehat. MSRC MVRs 9th. BlackHat Asia/USA & Zer0Con & OffensiveCon speaker.

11 months ago

@waleedassar was this causing a BSOD?

1

0

0

0

58

11 months ago

@Razvieu a weekend project, will release it in a couple of weeks I guess

0

0

0

0

37

11 months ago

which feature of a debugger (or RE tool based on it) you were always missing in WinDBG/x64dbg or CheatEngine?

2

18

0

8

1K

11 months ago

@CyberGhost13337 on x64 I think it's generally unavailable information, first 4 parameters are passed via registers, so as soon as you enter the function, optimizing compiler will do it's thing and then, in the middle of the function, you no longer have access to parameters

0

1

0

0

41

12 months ago

@mrexodia @x64dbg just curiuos is arm64 support planned?

1

0

0

0

77

12 months ago

@21verses @krishna_2803 @PTRACE_TRACEME @cystariitm hi! great stuff, are you okay if I incorporate some/all of your passes into https://t.co/dB8Wj4ReqE?

1

1

0

0

169

expend20 retweeted

Duncan Ogilvie 🍍

about 1 year ago

Also made a quick video on how to install TitanHide in Windows Sandbox using the SandboxBootkit project. It takes about 3 minutes end-to-end.

2

188

45

83

16K

about 1 year ago

@spaceraccoonsec @nostarch just noticed a small error in ch1 about buffer overflow, my gcc on ubuntu shows "stack smashing detected" even without "-fstack-protector", to replicate intended behavior one would need to add "-fno-stack-protector"

1

1

0

0

105

about 1 year ago

Using LLMs to play Flare-On 11. Much more fun compared to pre-LLMs era. https://t.co/ZCuQNHYsh9

0

101

21

61

11K

about 1 year ago

@x64dbg out of curiosity: what are the factors influencing that decision?

1

0

0

0

103

over 1 year ago

expend20's tweet photo. @levelsio https://t.co/l6Fx8nm8go

0

1

0

0

62

over 1 year ago

BinaryShield a bin2bin x86-64 code virtualizer crackme solution https://t.co/A2VFaMQsnc

0

72

25

57

10K

over 1 year ago

@sarperavci Great project! If I may ask: where did you get data - parsed ctftime write-up section?

1

1

0

0

497

over 1 year ago

Solving easy 'Hack This Game' challenge using Cheat Engine https://t.co/rIkcYGL3L3

0

7

1

5

1K

over 1 year ago

@spaceraccoonsec @nostarch Is the highlighted red content written or not written yet?

1

0

0

0

1K

over 1 year ago

@exploitsclub @ssnossnossno @lemire @L0Psec @ProjectZeroBugs just curious, are you making the summaries in AI? :)

1

1

0

0

153

Last Seen Users on Sotwe

Trends for you

Most Popular Users