Reversing codes

Quick Tip: Stop Using GetProcAddress and Let the Linker Do the Job for You

For a long time, Linux was my primary subject of study. I didn’t find Windows internals particularly interesting until I took on a malware analysis task. It was during this task that I began to app...

Designing a Malware Loader detector with Guard Violation Exceptions

Recently, I made the decision to finally publish my tool focused on unpacking, called Shinigami. The idea for Shinigami came to me two years ago, but I never actually implemented it until now. Init...

Manual Unpacking in Details

Wow, it’s been more than two years since my last blog post. Time flies! But now, in 2023, I am eager to start filling this blog with cool and useful content, and I hope to maintain it for a long ...

Manipulating elf files in C++ using felf

A couple of months ago I created felf, a library to parse ELF files into C++ structures. The reason for this was to have a way in C++ to work on ELF files using STL structures like vector, unordered m...

Data exfiltration: From shellcode to flag

At Flare-On 7th edition, my favorite challenge was re_crowd. This challenge was really close to a very real-world scenario: with just a pcap we are able to understand how the company was attacked, wh...

VBA Stomping: The macro hidden in plain sight

At Flare-On 7th there was a very interesting malware analysis challenge that involved a very unique hiding technique for malicious Macros. This technique is called VBA Stomping; it works by hiding the...

The Flare 7th AutoIT challenge

The 7th challenge of the Flare-On CTF gives us a QR code generator program that is fully obfuscated. The fun part of this challenge was interpreting, analysing and deobfuscating core components of the so...

Using bipartite Graphs to detect Malware campaigns

One of the greatest problems in mapping threats today is detecting where an attack came from: whether it is from the same group, the same person or even the same government. In order to group everything up and...

Beating Console challenge from Hackthebox

This challenge from Hackthebox gives you an address with a running PHP application. When you open the web page, you will notice a phpinfo() page with: Your IP is 10.255.0.2 Make sure to load php-c...