Karol Trociński
karoltrocinski.bsky.social
Security Research & Development
Reposted by Karol Trociński
New #PEsieve & #HollowsHunter (v0.4.0) are released: github.com/hasherezade/... & github.com/hasherezade/... - A lot has changed in the new version, check it out!
December 14, 2024 at 4:33 PM
Reposted by Karol Trociński
LIEF 0.16.0 is out featuring new (extended) capabilities like Dyld Shared Cache support, Assembler/disassembler, ...

lief.re/blog/2024-12...
December 10, 2024 at 11:24 AM
Reposted by Karol Trociński
On the 1st of December, the notorious Socks5Systemz payload server hosted at AS57678 (Cat Technologies 🇭🇰) that has already been active for several months started to serve a new version of Socks5Systemz ⤵️

🌐 urlhaus.abuse.ch/url/3189430/

This is the first major change since... ⬇️
December 5, 2024 at 10:45 AM
Reposted by Karol Trociński
Ready for the Advent of Radare?
❄️🗓️ > radare.org/advent
Starting tomorrow, December 1st we will release every day a new article with general knowledge, tricks, scripts and challenges to solve with radare2 covering topics from #aor24 #reverseengineering
November 30, 2024 at 4:29 PM
Reposted by Karol Trociński
Advent Of Code OCaml, Day 1, Part 1 - Done. That was fun!

Code review anyone? :D

github.com/danielstocks...
advent-of-code/2024/ocaml/lib/day01_1.ml at main · danielstocks/advent-of-code
:santa:🎄Yeehaaaaaa. Contribute to danielstocks/advent-of-code development by creating an account on GitHub.
github.com
December 1, 2024 at 10:45 AM
Reposted by Karol Trociński
[BLOG]
This post summarises how to tie Cobalt Strike's UDRL, SleepMask, and BeaconGate together for your syscall and call stack spoofing needs.

rastamouse.me/udrl-sleepma...
UDRL, SleepMask, and BeaconGate
I've been looking into Cobalt Strike's UDRL, SleepMask, and BeaconGate features over the last couple of days. It took me some time to understand the relationship between these capabilities, so the aim...
rastamouse.me
November 30, 2024 at 2:05 AM
Reposted by Karol Trociński
#ESETresearch reveals the first Linux UEFI bootkit, Bootkitty. It disables kernel signature verification and preloads two ELFs unknown during our analysis. Also discovered, a possibly related unsigned LKM – both were uploaded to VT early this month. www.welivesecurity.com/en/eset-rese... 🧵
Bootkitty: Analyzing the first UEFI bootkit for Linux
ESET's discovery of the first UEFI bootkit designed for Linux sends an important message: UEFI bootkits are no longer confined to Windows systems alone.
www.welivesecurity.com
November 27, 2024 at 8:34 AM
Reposted by Karol Trociński
Prefer Rust to C? There's no reason your decompilation has to necessarily target C as the output. With our Language Representation UI/API in 4.2 you can see all your decompilation as Rust instead.
November 22, 2024 at 5:03 PM
Reposted by Karol Trociński
📚 “Comparing binaries with radiff2” - a video tutorial by Mohamed Atta Abozaid (Egypt)

👀 video youtu.be/RsI8hNhsi_U
👉source github.com/ReEng101/Bin...

#radare2 #reverseengineering #BinaryDiffing
November 24, 2024 at 7:34 AM
Reposted by Karol Trociński
Nice reverse engineering work to uncover the workings of iOS 18’s inactivity reboot. naehrdine.blogspot.com/2024/11/reve...
Reverse Engineering iOS 18 Inactivity Reboot
Wireless and firmware hacking, PhD life, Technology
naehrdine.blogspot.com
November 17, 2024 at 11:27 PM