
Binary Ninja Plugin: fix-stomped-imports

Recently, in response to a customer incident, we needed to reverse engineer a malware sample of WhiteRabbit ransomware that proved to be trickier than expected. As we'll see, this sample maps a PE [...]

September 18, 2024

Version Tracking in Ghidra

When a binary is reverse engineered using Ghidra, various annotations are applied to aid in understanding the binary's behaviour. These annotations come in the form of comments, renamed functions, variables, arguments and more. [...]

August 7, 2024

Emulation with Qiling

Qiling is an emulation framework that builds upon the Unicorn emulator by providing higher-level functionality such as support for dynamic library loading, syscall interception and more. In this Labs post, we are [...]

May 9, 2024