Striga: Lifting x86 to LLVM IR with Python BackgroundWhile discussing with eversinc33 about lifting BinaryShield to LLVM IR I decided it would... 2026-5-21 11:0:0 | 阅读: 5 | 收藏 | secret club - secret.club sem i64 insn i8 memory

Hypervisors for Memory Introspection and Reverse Engineering 文章介绍了基于Rust的两个虚拟机监控程序（hypervisor）illusion-rs和matrix-rs，分别通过UEFI和Windows内核驱动实现内存检查和逆向工程。它们利用扩展页表（EPT）技术，在不修改来宾内存的情况下实现控制流重定向，并通过VM-exit指令如VMCALL、INT3等隐藏钩子。... 2025-6-2 00:0:0 | 阅读: 35 | 收藏 | secret club - secret.club ept memory hypervisor shadow pa

‘Reflections on Trusting Trust’, but completely by accident this time Compilers are complicated. You just won’t believe how vastly, hugely, mind-bogglingly complicated th... 2024-10-21 08:0:0 | 阅读: 12 | 收藏 | secret club - secret.club i1 i64 nelts aarch64 stage2

Ring Around The Regex: Lessons learned from fuzzing regex libraries (Part 2) I’m a little late (one whole month passed in a blink of an eye!). Let’s catch up.We briefly explored... 2024-8-24 06:0:0 | 阅读: 19 | 收藏 | secret club - secret.club pcre2 fuzzers developers behaviour harness

Ring Around The Regex: Lessons learned from fuzzing regex libraries (Part 1) Okay, if you’re reading this, you probably know what fuzzing is. As an incredibly reductive summary:... 2024-7-1 06:0:0 | 阅读: 21 | 收藏 | secret club - secret.club fuzzer harness fuzzers mutations

RISC-Y Business: Raging against the reduced machine AbstractIn recent years the interest in obfuscation has increased, mainly because people want to pr... 2023-12-24 19:0:0 | 阅读: 53 | 收藏 | secret club - secret.club riscvm i32 bitcode rv64 risc

RISC-Y Business: Raging against the reduced machine AbstractIn recent years the interest in obfuscation has increased, mainly because people want to pr... 2023-12-24 07:0:0 | 阅读: 11 | 收藏 | secret club - secret.club riscvm i32 bitcode rv64 messageboxa

Abusing undocumented features to spoof PE section headers Some time ago, I accidentally came across some interesting behaviour in PE files while debugging an... 2023-6-6 07:0:0 | 阅读: 4 | 收藏 | secret club - secret.club 0x8b 0x45 0x74 0x24 0x33

Bootkitting Windows Sandbox Introduction & MotivationWindows Sandbox is a feature that Microsoft added to Windows back in May 2... 2022-8-30 07:0:0 | 阅读: 7 | 收藏 | secret club - secret.club windows efi microsoft bootkit baselayer

Improving MBA Deobfuscation using Equality Saturation This blog post will first give a brief overview of obfuscation based on Mixed-Boolean-Arithmetic (MB... 2022-8-9 07:0:0 | 阅读: 3 | 收藏 | secret club - secret.club 0x2

Earn $200K by fuzzing for a weekend: Part 2 Below are the writeups for two vulnerabilities I discovered in Solana rBPF, a self-described “Rust v... 2022-5-11 16:0:0 | 阅读: 3 | 收藏 | secret club - secret.club solana rbpf meter unwrap

Earn $200K by fuzzing for a weekend: Part 1 By applying well-known fuzzing techniques to a popular target, I found several bugs that in total yi... 2022-5-11 15:0:0 | 阅读: 7 | 收藏 | secret club - secret.club ebpf insn imm i64 wrapping

Tickling VMProtect with LLVM: Part 1 This series of posts delves into a collection of experiments I did in the past while playing around... 2021-9-9 07:0:0 | 阅读: 6 | 收藏 | secret club - secret.club i64 nonnull vsp noalias

Tickling VMProtect with LLVM: Part 2 This post will introduce the concepts of expression slicing and partial CFG, combining them to imple... 2021-9-9 07:0:0 | 阅读: 4 | 收藏 | secret club - secret.club i64 noalias nonnull passes

Tickling VMProtect with LLVM: Part 3 This post will introduce 7 custom passes that, once added to the optimization pipeline, will make th... 2021-9-9 07:0:0 | 阅读: 7 | 收藏 | secret club - secret.club i64 i32 i8 noalias

Windows 11: TPMs and Digital Sovereignty This article is an opinion held by a subset of members about the potential plan from Microsoft about... 2021-6-28 08:0:0 | 阅读: 9 | 收藏 | secret club - secret.club tpm microsoft firmware windows machine

Preventing memory inspection on Windows Have you ever wanted your dynamic analysis tool to take as long as GTA V to query memory regions whi... 2021-5-24 07:0:0 | 阅读: 13 | 收藏 | secret club - secret.club memory 0x2000 nullptr