Jim Stevens
jimstevens2001.bsky.social
Co-founder of DTRSEC and co-creator of REnigma
working on malware analysis and reverse engineering. dtrsec.com
Here's the next Reversing in REnigma Training Video! This video shows how to use the recording note feature to track ticket numbers, CVE numbers, and other useful labels during your analysis work! Enjoy!

www.youtube.com/watch?v=iChO...
Editing and Viewing the Recording Note in REnigma
YouTube video by DTRSEC
www.youtube.com
June 19, 2025 at 5:54 PM
Here's the next Reversing in REnigma Training Video! This video shows how to use the Tshark command line interface with REnigma's ability to export the PCAP and TLS Keys to view decrypted TLS traffic! Enjoy!

www.youtube.com/watch?v=mQI1...
Decrypting TLS Traffic with REnigma and Tshark Command Line Interface
YouTube video by DTRSEC
www.youtube.com
June 4, 2025 at 4:38 PM
Here's the next Reversing in REnigma Training Video! This video shows how to use REnigma to download the PCAP and TLS Session Keys file for a recording and how to use Wireshark to view decrypted TLS traffic! Enjoy!

www.youtube.com/watch?v=jmyV...
Decrypting TLS Traffic with REnigma and Wireshark
YouTube video by DTRSEC
www.youtube.com
May 22, 2025 at 4:06 PM
Here's the next Reversing in REnigma Training Video! This video shows how to use REnigma's single stepping debugger to step into the Windows kernel during the NtCreateFile system call and examine CPU register state and key memory data structures! Enjoy!

www.youtube.com/watch?v=MdKh...
Single Stepping a System Call With the REnigma Debugger
YouTube video by DTRSEC
www.youtube.com
May 2, 2025 at 3:04 PM
Here's the next Reversing in REnigma Training Video! This video shows how to analyze the Windows registry activity of a malware executable!

www.youtube.com/watch?v=9Xrn...
Process Registry Details Analysis in REnigma
YouTube video by DTRSEC
www.youtube.com
April 25, 2025 at 5:56 PM
Here's the next Reversing in REnigma Training Video! This video shows how to view the metadata and content of a file created by malware!

www.youtube.com/watch?v=n4mT...
Viewing the contents of created files in REnigma
YouTube video by DTRSEC
www.youtube.com
April 15, 2025 at 2:09 PM
Here's the next Reversing in REnigma Training Video! This video shows how to see the files created and opened by a malware executable! Enjoy!

www.youtube.com/watch?v=3Cof...
How to see files created and opened by malware in REnigma
YouTube video by DTRSEC
www.youtube.com
April 11, 2025 at 5:08 PM
Here's the next Reversing in REnigma video! This covers how to drill down into the network event details in the process tree! Enjoy!

www.youtube.com/watch?v=Yu4v...
Overview of Process Network Details in REnigma
YouTube video by DTRSEC
www.youtube.com
April 4, 2025 at 10:41 PM
Here's the next REnigma YouTube Short on the Recording Details page!

www.youtube.com/shorts/6hgrq...
REnigma Recording Details Overview
YouTube video by DTRSEC
www.youtube.com
April 1, 2025 at 10:07 PM
Here's the next Reversing in REnigma training video! This video shows how REnigma can go back in time during a recording to do memory dump analysis at any instruction commit or system event you choose! Enjoy!

www.youtube.com/watch?v=giEs...
Overview of Memory Dump Analysis in REnigma
YouTube video by DTRSEC
www.youtube.com
March 27, 2025 at 6:31 PM
Here's the next Reversing in REnigma training video! This video gives a demonstration of how to quickly navigate through a replay using execution breakpoints and replay snapshots (Rsnaps). Enjoy!

www.youtube.com/watch?v=44Ne...
Navigating Replays with Execution Breakpoints and Rsnaps
YouTube video by DTRSEC
www.youtube.com
March 20, 2025 at 5:42 PM
This Reversing in REnigma video introduces the concept of execution points, which is how REnigma represents time during a recording, and the various ways they are used in the tool to enable replay analysis workflows. Enjoy!

www.youtube.com/watch?v=QxEn...
Introduction to Execution Points for Advanced REnigma Analysis
YouTube video by DTRSEC
www.youtube.com
March 11, 2025 at 5:07 PM
Reposted by Jim Stevens
Don't let the "play" in our new Python playbooks fool you, they do serious work for your business.

Now you can run Python-based playbooks to automate security operations, enhance detections, and streamline workflows!

Check out what's possible: limacharlie.io/blog/playboo...
LimaCharlie Python Playbooks: Security Automation
Discover LimaCharlie's Python playbooks for SecOps Cloud Platform automation. These scripts offer granular control, flexible triggering options, and seamless API integration to enhance security operat...
lc.pub
March 10, 2025 at 8:09 PM
Here's the next Reversing in REnigma training video! Enjoy!

This video is an overview of process details, including command line arguments, network activity, file system activity (including downloading/viewing created files), and registry activity.

www.youtube.com/watch?v=6M2o...
Process Details Analysis Overview in REnigma
YouTube video by DTRSEC
www.youtube.com
February 27, 2025 at 6:59 PM
Here's the next Reversing in REnigma training video on analyzing the Process Tree over the recording! Hope you enjoy!

www.youtube.com/watch?v=cKtF...
Process Tree Analysis in REnigma
YouTube video by DTRSEC
www.youtube.com
February 17, 2025 at 8:03 PM
Cool GitHub that collects lots of resources for detection engineering including rule sets, best practices, tools, reference materials, etc.

github.com/st0pp3r/awes...
GitHub - st0pp3r/awesome-detection-engineer: Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools, logging configura...
Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools, logging configuration and best practices, event log refere...
github.com
February 12, 2025 at 4:12 PM
Reposted by Jim Stevens
🚨 🚨 🚨 This is a warm welcome to a first-time Gold Sponsor: Deterministic Security!🚨 🚨 🚨

Check them out over at dtrsec.com

Here's a cool breakdown of their tool, REnigma: https://buff.ly/4jTzsO4
February 12, 2025 at 8:47 AM
Here's the next training video in the Reversing in REnigma series on Network Analysis and PCAP Download! Enjoy!

www.youtube.com/watch?v=Nw5o...
January 28, 2025 at 3:39 PM
Reposted by Jim Stevens
Tune in Friday as @jimstevens2001.bsky.social from Deterministic Security breaks down Sandbox Workflows with REnigma. Live at 10:30am PT.

limacharlie.io/defender-fri...

#infosec
January 22, 2025 at 6:34 PM
Here's the new Reversing in REnigma training video on the recording details page, including recording summary, alerts, and static/network/process/memory analysis. Enjoy!

www.youtube.com/watch?v=7iIo...
January 22, 2025 at 7:14 PM
Here's the next training video in the Reversing in REnigma series. It describes how to record and replay a malicious executable in REnigma. Enjoy!

www.youtube.com/watch?v=TGr8...
Recording and Replaying a Malware Executable with REnigma
YouTube video by DTRSEC
www.youtube.com
January 15, 2025 at 6:02 PM
Reversing in REnigma: How to record and replay a URL in REnigma.

youtu.be/TA8TGOsURjk?...
Record and replay a URL with REnigma
YouTube video by DTRSEC
youtu.be
December 21, 2024 at 2:13 AM

MSSN CTRL 2024 talk we did on how to analyze malware with a programmable sandbox. It includes a demo of REnigma's backtracker going backwards in time to find TLS plaintext from encrypted bytes sent to network interface memory mapped IO writes.

limacharlie.io/events/mssn-...
The SecOps Cloud Platform
limacharlie.io
December 7, 2024 at 11:20 PM