cryptax.bsky.social
@cryptax.bsky.social
Android malware analysis. Ph0wn CTF founder. IoT hacking. Frequent speaker at Virus Bulletin, Insomnihack etc. Based in France.
Currently testing Bluesky. Otherwise on Mastodon.social.
On Thursday afternoon, I am thrilled to give my first r2ai & ghidraMCP workshop at BruCON.

Pre-requisites: you are good to go if you already have reversed a binary (with whatever #disassembler, it doesn't matter) OR if you have basic skills and understanding in #assembly.

#mcp #LLM #AI
September 22, 2025 at 2:41 PM
Barb'hack is over and it was a pleasure to attend: very nice folks, friendly organizers, excellent food, best rumps lol and a CTF with a videogame interface + challenges on Minitel. I loved it! Kudos to the staff.
#barbhack25
August 31, 2025 at 5:52 AM
I'm very happy to speak at Barb'hack on Saturday.
barbhack.fr/2025/fr/conf...

There will be 2 demos.
One live.
One recorded - simply because I don't have the guts to do it live ;P

We reverse engineer Linux/Trigona and Linux/Shellcode with radare2 + AI + HI

HI stands for Human Intelligence ;P
August 25, 2025 at 10:57 AM
I've recently set up an LM Studio server, with several models including gpt-oss. I can use it from my disassembler, here to analyze a Linux/Trigona sample.

Learn more about Trigona at Barb'hack on Aug 30 in Toulon.

#AI #malware #reverse #assembly #context #lmstudio #GPT
August 19, 2025 at 2:19 PM
Do you know the videos by @tixlegeek.bsky.social? With that adorable animated Tux? Well, I really wanted the same. So I did the same with Pico le Croco! I took the explanations from
@tixlegeek.bsky.social in the Twitch @laluka.bsky.social EP 193, and I coded it for Pico :)
June 30, 2025 at 4:48 PM
Nicolas Rouvière, of Ph0wn and SHL, will show you how to use Qiling in practice, for dynamic binary emulation. Don't miss it: on-site at SHL (Vallauris), June 19 at 7pm.

In 2024, Nicolas used Qiling to solve the Ph0wn CTF teaser. See how here: github.com/ph0wn/writeu...

#qiling #CTF #binary
June 17, 2025 at 8:14 AM
How many times will I have to say this?

Antivirus is not stupid and does NOT rely on fixed hashes or whatever to detect malware.
This is an outdated myth from prehistoric times.

Malware "signatures" understand binary formats + assembly and can easily dynamically detect variants.
June 13, 2025 at 9:46 AM
Keynotes are a difficult exercise (for me). I'll be closing the @elbsides.bsky.social conference tomorrow with a *Quiz* keynote on how AI is used by malware authors (attack) and malware analysts (defense).

I even hope to have time for a short demo :)

#AI #malware #keynote #elbsides
June 12, 2025 at 7:53 AM
Just captured all flags of the Badge CTF at @bsideskrs.bsky.social :)

A fun badge based on RP2040 :)
June 6, 2025 at 8:51 AM
Wrote a paper, with Daniel Nakov, on comparing the #quality & the speed of #malware analysis assisted by #r2ai, or without.

Spoiler 1: quality is =, speed is ++.
Spoiler 2: do not expect to get good results in a single question.

arxiv.org/pdf/2504.07574

cc: @radareorg.bsky.social #arxiv #radare2
April 14, 2025 at 6:40 AM
Side by side decompilation of the main entry point of the unpacked DEX of Android/Crocodilus.

On the left, decompiled using Mistral (and r2ai).
On the right, decompiled with JEB Decompiler.

Both are excellent :)

#radare2 #AI #mistral #JEB #crocodile #malware #Android
April 1, 2025 at 1:16 PM
Tomorrow, ph0wn labs #2 at SHL (shl.contact). Come and play a prank on Pico's badge.

#pico #raspberry #badge #ph0wn #SHL #CTF #reverse
March 31, 2025 at 6:22 PM
Slides of my talk "Malware analysis with R2AI" @1ns0mn1h4ck.bsky.social filestore.fortinet.com/fortiguard/r...

Demo of string obfuscation on Linux/RudeDevil: asciinema.org/a/708621

Download and contribute to r2ai: github.com/radareorg/r2ai @radareorg.bsky.social

#AI #radare2 #malware #linux
March 18, 2025 at 11:16 AM
In this example, the 2 forks of the zygote process share the same scudo secret and memory layout, which basically removes its security enhancements.
-
Keynote by Mathias Payer at @1ns0mn1h4ck.bsky.social #android #scudo #zygote #inso25
March 13, 2025 at 8:44 AM
Thursday Feb 13, at SHL (www.shl.contact), in Sophia Antipolis, 7pm, with your laptops.

1. Radare2 @radareorg.bsky.social **beginner** tutorial
2. Very simple CrackMes ... then more complex. Hack Pico le Croco's videophone, lift and door bell.
3. Play prior challenges of Ph0wn CTF
February 11, 2025 at 3:46 PM
Checked it: no, the XOR is being done with different keys.
I attach the decrypt script. Can send it as a file if you prefer.
February 4, 2025 at 9:17 AM
The IP address 89.190.156[.]145 apparently comes from the encrypted table of values set in table_init. I had difficulties getting the final values with r2 + r2ai, and finally managed to. Entry 15 decrypts to this IP address.

#aquabot #mirai #r2ai
January 30, 2025 at 4:00 PM
I'll be presenting how #Android #malware abuses the #Accessibility API at Insomni'hack.

"The Accessibility Abyss: Navigating Android Malware Waters" - Friday April 26.

There will be a #demo video
April 15, 2024 at 11:54 AM
Tomorrow, join me at #Nullcon Berlin to reverse a #Dart #CTF challenge (non stripped) and a Flutter release malware (stripped).
We'll be using #JEB and #Radare2.
We also talk a little about Ghidra, IDA Pro and Binary Ninja.
nullcon.net/berlin-2024/...
Be sure to have some coffee before :)
March 14, 2024 at 7:16 AM
Nice: you can launch Quark Engine from JADX. This was added in 2021, but I had missed the feature.
Maybe I should tell JADX to integrate DroidLysis ;-)

#JADX #Quark #Android #Malware
January 12, 2024 at 7:45 AM