Practical Android Software Protection in the Wild: An Appetizer
In which @Farenain analyzes 2.5 million Android apps to identify and classify the obfuscators, packers and code protectors they use:
https://t.co/xKQGrK2qxI
Exploring the relationship between compilers, obfuscation, and de-obfuscation through LLVM, by Robert Yates (@quarkslab)
https://t.co/7rfwhEczcz
#infosec
LLMs have gotten good enough at reverse engineering to recover source code from obfuscated binaries with real accuracy.
So we asked the obvious next question: how fast and cheap is it to use one to build obfuscation specifically designed to beat it?
We benchmarked Claude Opus 4.6 against the Tigress obfuscator across 20 targets first, to map its strengths and failure modes. 40% solve rate. Phase 3 multi-layer combos hit 0%, with cost explosions that killed the runs.
Then we ran a dev/test/refine loop to build 3 purpose-built obfuscation variants targeting the same crackme, iterating directly against the model's known weaknesses.
The finding: LLM-targeted obfuscation is fast and cheap to develop. Context windows, budget caps, and shortcut biases are all exploitable attack surfaces.
The arms race just shifted.
MAD Bugs: All Your Reverse Engineering Tools Are Belong to US
Ghidra, radare2, IDA Pro, and Binary Ninja Sidekick. If your tool doesn't show up here, it's not cool enough. Contact us for a free RCE.
https://t.co/PsCenNMKtI
Just shipped a WinDbg x64 extension that turns live disassembly into verified pseudocode via LLM — chunked multi-pass analysis, in-process HTTP, mock fallback, and a verification pass that cross-checks LLM output against original analysis facts.
https://t.co/8rXb1fGOuT
I've been building libghidra: a typed SDK for automating Ghidra from C++, Python, and Rust (mainly for AI agents). Decompile, rename, comment, inspect symbols/types/xrefs, save, close, and reopen projects from code. Treat Ghidra like infrastructure, not just a GUI.
Under the hood this is a typed API surface over a Ghidra host/extension. The same core workflows exist across C++, Python, and Rust, so you can use it for quick scripts, larger pipelines, or native tooling. 1/n
Ok, ida-frustrated 0.0.2 now has some cool animations and scenes. Press Ctrl-Alt-T in any widget to get a random visual. It really would uplift the frustration! ;)
I decided to commit another part to the Applied Reverse Engineering series with an article diving into rolling your own primitive tracer for discrete purposes; coupled with an analysis on outrunning integrity checks.
https://t.co/GjIZpjhVzw
99.86% of 73K+ obfuscated expressions, simplified. CoBRA is a new open-source tool that handles four types of Mixed Boolean-Arithmetic obfuscation where existing tools fail. 🧵
Deep dive into provisioning an on-prem low-privileged #LLM stack, with air-gapped networking and GPU isolation, hardened down to kernel modules.
What could possibly go wrong?
Read the full article here: https://t.co/OS4clOUn2N
For anyone dealing with RASP protected apps, frida-strace is now your first step. Trace the syscalls, find what the app checks, hook those specific functions, bypass. No more guessing. Frida 17.8.0+, kernel 6.1+ required.
#Frida #MobileSecurity #AppSec
If you're interested in anti-cheat reverse engineering then please check out my very detailed and rich article about EMACLAB Anti-cheat.
This anti-cheat software is used in a Counter-Strike 2 league called GamersClub, pretty popular in South America.
https://t.co/jLmbpAfVSG
The full preprint is available here: https://t.co/E7NNP9Y4wZ
Source code will be made available soon!
Also thank you to my co-authors @xorpse @binarly_io @mlsec @bifoldberlin