Solving (and Pwning) Flare-On Level 10 jro.sg/flareon11/solv… #flareon11

#FlareOn11 is over, so I published the repository with all my source codes: github.com/hasherezade/fl…. Write-ups coming soon!

My solution for the 10-th task: hshrzd.wordpress.com/2024/10/27/fla… #FlareOn11

Flare-On 11's CatBert CTF challenge walkthrough youtu.be/B1hE2z5JmLo #flareon11

tldw; For #flareon11 challenge #10 by Mark, here's the approach I took: 1. Use UEFI Tool to extract the Shell app from the bios file 2. Use efiXplorer and Lumina to bring it as many symbols as possible 3. Use the angr framework to solve flag #1 and flag #2 4. For flag

Excited to be able to publicly share the research I've been focusing on (and off) for the past several months! ~ lookout.com/threat-intelli…

Frequent freeloader part II: After co-opting the tools and infrastructure of another nation-state threat actor to facilitate espionage activities, Secret Blizzard used those tools and infrastructure to compromise targets in Ukraine. These campaigns consistently led to the

FLARE is releasing a tool today that I've been working on over this year that helps break down binaries into smaller functional clusters and uses Gemini to describe their relationships, behavior and the overall malware functionality. It's called XRefer and it is out for you to

Writing an IDA processor module for the PigletVM youtu.be/JfPU31HLHrc

Verifying myself: I am marklechtik on Keybase.io. 9RMVFje1UmWmrBeffCo6c69DF6sjVQ_FGpMI / keybase.io/marklechtik/si…

My old keybase is dead, if you want to reach me on keybase use this one.

In case if you wonder what broke #ProcessHollowing on Windows 11 24H2, I have something for you: hshrzd.wordpress.com/2025/01/27/pro…

Read “Behind Hacking-Team’s vector-edk“ on Medium: medium.com/@wolfcod/behin…

Check out our latest report covering Ivanti CSA vulnerability with complete root cause analysis, detailed breakdown of ITW exploitation, overview of worldwide targets alongside comprehensive IoCs & detection rules 👇🏻 harfanglab.io/insidethelab/i…