🚀 Ghidra 12.1 released!
Major update with improved decompiler analysis, Dockerized Ghidra, enhanced debugger/emulation support, new filesystem & processor features, and additional security hardening across the 12.x branch.
⬇️ Download
https://t.co/lKPHvUAjqi
#Ghidra #Cyber
Released v0.0.8 of windbg-decompile-ext.
This update adds a native dark decompile viewer for WinDbg, cached function browsing, and persistent replay for previously analyzed targets.
repo: https://t.co/8rXb1fGOuT
My talk "SELECT * FROM binary - Vibe Reversing Across IDA, Ghidra, and Binary Ninja" got accepted at @reconmtl .
I am happy to talk about this toolset (idasql, bnsql and ghidrasql) and how it is designed to allow AI agents to work across all these top 3 reverse engineering tools.
Point Claude, Codex, or your favorite agent to any single one or all of them at once, and your agent can now use the tools all at once to analyze one or more binaries at once.
These work nicely with loops like "/goal" to allow e2e analysis over many hours.
Use cases:
- Full source code recovery (with types and code structure)
- Full database annotations (also with type recovery, comments, etc.)
- Binary diffing
- Or just any kind of Q&A against your binary or binaries
https://t.co/ohevK9zzxn
Have been spending quite a good amount of time on the BRC4 2.6 release. So many new techniques, new smaller implant, new evasion methods, better QOL etc. What's funny is that the hard part wasn't the research, it's the integration and testing. 😪 Might finally get some peace time after this release is done!
The attack also works on physical machines: use a USB-to-COM cable; get one that doesn't require its driver to be downloaded.
It works all the way back to Windows XP.
I have no Azure account, but I think that the emm driver is auto-loaded even in not RE there.
You can then, without logging in, still dump any process to a non-encrypted drive.
PS: booting in safe mode doesn't trigger tpmlock but downgrades lsaiso to just PPL.
PPS: without login you can also kill PPL processes like Defender.
3 times it stops starting again.
We are looking for sponsors for the upcoming Issue #9 of Paged Out!
If you know anyone who would be interested, send them to our page - https://t.co/aNXJkV9Q9w
here with my technological godfather, the great Felipe Romera
when in 1999 I wrote an email to the PTA looking for an office to set up Hispasec, he called me to his office and gave me two books: one on how to create a business plan and the other, his novel
since then, always close
As we're observing active development of #Vidar, we're releasing a config extractor for the newest Vidar builds, together with an #IDA string decryption script.
Vidar has been actively developed in recent months, changing its versioning from 18.7 back to 1.0, with the latest builds now at 1.8. But the versioning was not the only thing that changed. Starting from version 1.5, Vidar was reworked, including a new string encryption mechanism, config protection, and additional anti-sandbox checks.
The released config extractor and string decryption script support versions 1.5 and later, as this is where a major rework was done. Previously, each string had its own single-byte XOR key. In versions 1.5+, each string is encrypted with a custom ChaCha-based stream cipher, using a per-string 44-byte key blob and a final single-byte XOR. As for config protection, earlier versions used a custom polyalphabetic substitution over a permuted alphabet with a position-dependent offset, whereas the new versions use a plain 16-byte repeating-key XOR, with the key stored right next to the encrypted blob. Apart from the XOR-encrypted config, Vidar also features a fallback config, which is resolved separately within the encrypted strings.
Vidar configuration extractor ↓
https://t.co/Vx67uGUqoJ
Vidar IDA string decryption script ↓
https://t.co/QnC38IBBmL
IoCs:
#malware #infostealer #extractor
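An added reference decryptor for the two layers the post describes; this is not the published extractor or Vidar's own code. It assumes standard RFC 8439 ChaCha20 with the 44-byte blob split as a 32-byte key followed by a 12-byte nonce, and the 16-byte config key stored immediately before the XOR-encrypted blob; Vidar's real cipher is a custom variant, so both splits are placeholders to adjust after disassembly.

```python
import struct

# ASSUMPTIONS (not from Vidar): plain RFC 8439 ChaCha20, 44-byte blob = key(32) || nonce(12),
# and the 16-byte config key sits directly before the encrypted config blob.
MASK32 = 0xFFFFFFFF
CONSTANTS = b"expand 32-byte k"


def _rotl(v, n):
    return ((v << n) | (v >> (32 - n))) & MASK32


def _quarter_round(s, a, b, c, d):
    s[a] = (s[a] + s[b]) & MASK32; s[d] = _rotl(s[d] ^ s[a], 16)
    s[c] = (s[c] + s[d]) & MASK32; s[b] = _rotl(s[b] ^ s[c], 12)
    s[a] = (s[a] + s[b]) & MASK32; s[d] = _rotl(s[d] ^ s[a], 8)
    s[c] = (s[c] + s[d]) & MASK32; s[b] = _rotl(s[b] ^ s[c], 7)


def chacha20_block(key: bytes, nonce: bytes, counter: int) -> bytes:
    """One 64-byte keystream block: constants | key | counter | nonce, 10 double rounds."""
    state = list(struct.unpack("<16I", CONSTANTS + key + struct.pack("<I", counter) + nonce))
    work = state[:]
    for _ in range(10):
        _quarter_round(work, 0, 4, 8, 12); _quarter_round(work, 1, 5, 9, 13)
        _quarter_round(work, 2, 6, 10, 14); _quarter_round(work, 3, 7, 11, 15)
        _quarter_round(work, 0, 5, 10, 15); _quarter_round(work, 1, 6, 11, 12)
        _quarter_round(work, 2, 7, 8, 13); _quarter_round(work, 3, 4, 9, 14)
    return struct.pack("<16I", *[(w + s) & MASK32 for w, s in zip(work, state)])


def chacha20_xor(key: bytes, nonce: bytes, data: bytes, counter: int = 0) -> bytes:
    out = bytearray()
    for i in range(0, len(data), 64):
        ks = chacha20_block(key, nonce, counter + i // 64)
        out += bytes(a ^ b for a, b in zip(data[i:i + 64], ks))
    return bytes(out)


def decrypt_string(key_blob: bytes, ciphertext: bytes, final_xor: int) -> bytes:
    """Stream-cipher layer first, then the trailing single-byte XOR the post mentions."""
    assert len(key_blob) == 44, "per-string key blob is 44 bytes"
    key, nonce = key_blob[:32], key_blob[32:]  # assumed split
    return bytes(b ^ final_xor for b in chacha20_xor(key, nonce, ciphertext))


def encrypt_string(key_blob: bytes, plaintext: bytes, final_xor: int) -> bytes:
    """Inverse of decrypt_string, used only to build constructed test samples."""
    return chacha20_xor(key_blob[:32], key_blob[32:], bytes(b ^ final_xor for b in plaintext))


def decrypt_config(region: bytes, key_len: int = 16) -> bytes:
    """Repeating-key XOR; the key is taken from the bytes preceding the blob (assumed layout)."""
    key, blob = region[:key_len], region[key_len:]
    return bytes(b ^ key[i % key_len] for i, b in enumerate(blob))
```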
The world’s most prominent cyber security leaders and researchers will gather at AVAR 2026 to discuss the future of cyber security under the theme of Evolving Cyber Defence in the AI Era. Learn more about AVAR 2026 at https://t.co/duSACEIKXA
#AVAR2026 #Cybersecurity #Conference
I fully agree: even targets such as anti-cheats and gaming DRMs have become significantly easier to analyze with agents, if you know how to guide them and validate their results.
@nicolodev and I will talk about that at @reconmtl:
https://t.co/SYeix8evn4
Previous generations of software protection (DRM perspective) have always relied on code complexity (for RE), compute limitations, and human limitations as the guarantees that kept hacking timelines reasonably long.
That's changed now. Beyond the acceleration in vulnerability research and malware analysis, the same new reality applies to software protection, and security by obscurity, or assuming the attacker is limited in compute and motivation, no longer works.
Others could take control of your life (just put a few resources into The Truman Show), I mean, without ethics at all. And tell you: Well, call the police!
(You can't talk about it! And they are the police.)
Let's put it as gently as possible: "Interacting" (not even joining) with an intelligence service means entering a complex, opaque, and difficult-to-leave system, where certain decisions can affect your freedom and your life in ways that are not always obvious or predictable.