nazywam.bsky.social
@nazywam.bsky.social
Security research @cert.pl
Reposted
My new post about #malware #deobfuscation - cert.pl/en/posts/202.... I focus on the simple - but powerful - technique of local substitutions. Uses #ghidra and ghidralib. Thx @nazywam.bsky.social for the review.
Deobfuscation techniques: Peephole deobfuscation
In this article we describe a basic deobfuscation technique that leverages code snippet substitution.
cert.pl
April 24, 2025 at 1:22 PM