Today I released Alcaztaz - an x64 binary obfuscator featuring:
- Obfuscation of immediate moves
- Control flow flattening
- Mutation / Obfuscation of certain instructions like MOV, ADD, LEA
- Anti disassembly
- Entry point obfuscation
Read more at: https://t.co/UWMkq1Mt9J
🚀 Last week, I got a sneak peek at @BackEngineerLab's latest project! Their demo ran in a bin2bin'd Windows kernel — flawlessly, without any stability issues. For those who know, dealing with exceptions, especially in binary obfuscation, is quite a pain. Something to look out for!
@modexpblog @solardiz This is possible and can be implemented as an alternative way for the pdb lookup (if exceptions are enabled). I will take a look at it.
@dinqr0 @gynvael @vollragm @OSaltyRoad @vm_call @HexRaysSA Well if they really decided to hold the mutex for the idbs, the cheat devs have to spend quite a bit of time (not just modifying some values in the pe header). However, I don’t see a point in having it open during game runtime anyway.
@gynvael @vollragm @OSaltyRoad @vm_call @HexRaysSA The goal of an Anti-Cheat is to also stop cheat developers in their tracks. Besides its capabilities of decompiling, it can also be used as a debugger (which are blocked for obvious reasons).
@OSaltyRoad @vm_call @HexRaysSA Lots of games close themselves after finding out that IDA is running in the background (which is understandable). Banning for it just doesn’t make sense without any proof of it being attached to the game / having the executable in the history database.
Have you ever wondered if it was possible to execute code inside of a driver's .data section? Well, I did.
I created a PoC that abuses Windows' LargePageDrivers feature to copy shellcode into the beep.sys .data section and execute it.
Blog post: https://t.co/pcGVQkDBd8
Latest reversal of NVIDIA's nvml.dll, which allows developers to query DeviceName, UUID and similar values. Communicates directly with NVIDIA's kernel module.
https://t.co/bJVkwlzfxy