For over a year, EasyAntiCheat's virtual machine code to asses kernel driver integrity was vulnerable to attacks abusing call hierarchy (the hierarchy of which functions are executed during integrity) Full write-up here: bright.engineer/posts/easyanti…

It looks like the source code for VMP has been leaked🤣

Our take on solving nonlinear MBAs. Paper accepted at WoRMA'23 worma.gitlab.io/2023/. Preprint: arxiv.org/abs/2305.06763

Finally got EagleVM in a somewhat stable place after actually writing some tests. Pretty happy with the current state of the project but there is still a lot I want to add. Looking forward to soon releasing the 1.0 🤠 github.com/notpidgey/Eagl…

If you're fascinated by binary rewriting, don't miss this outstanding work by my colleague, Chinmay Deshpande. His project introduces a binary recompiler designed to support the lifting and recompilation of x86/x64 multithreaded binaries! 🤩#eurosys24 dl.acm.org/doi/abs/10.114…

if you want to get to know someone(Nemi) who actually worked at Blizzard, built, and SOLD ACs, then listen to this episode: youtu.be/6xET66eitYY

I’m not trying to come across as dismissive, but it seems like there’s a gap in understanding the technical complexities of the issues you’re talking about in your videos. This applies to both you and Pirate Software as well lately It’s easy to comment broadly, but diving into

Bas Zweers (belabs_engineer) and James McGowan (@backengineerlab) bring a look at a real world commercial binary obfuscator to RE//verse 2026. This talk walks through analysis and custom tooling to peel back obfuscation on Windows kernel mode anti cheat and ends with a full

The ordinary gamer complains about kernel level anticheat, but in reality cheat software's are years ahead of the usual malware market, this level of sophistication, detail and internals knowledge is insane. Understand that's what AC have to deal on everyday basis?

Don't be fooled by LLM reversing. Yes, they are a great help, but analysis reports are full of tiny and bigger mistakes, even with 5(!) validation passes. Which means you can't trust them. Which means you have to validate everything.