Reverse engineering of runtime code integrity protection in Call of Duty: Black Ops 3 momo5502.com/posts/2022-11-… Credits: Maurice Heumann #reverseengineering

Reverse engineering of ESP32's precompiled Wi-Fi stack Part 1: zeus.ugent.be/blog/23-24/ope… Part 2: zeus.ugent.be/blog/23-24/esp… Repo: github.com/esp32-open-mac… #esp32 #cybersecurity

"Reverse Engineering Dark Souls 3 Networking" 1. Connection: timleonard.uk/2022/05/29/rev… 2. Packets: timleonard.uk/2022/06/02/rev… 3. Key exchange: timleonard.uk/2022/06/03/rev… 4. Reliable UDP: timleonard.uk/2022/06/09/rev… #networking #reverseengineering

✍️ 4 exploits, 1 bug: exploiting cve-2024-20017 4 different ways by hypr blog.coffinsec.com/0day/2024/08/3…

Here's a video series of someone struggling to build an 8-bit superscalar CPU, and they're still not finished after a year. youtube.com/@fabianschuiki…

I created a hypervisor-based emulator for Windows x64 binaries. This project uses Windows Hypervisor Platform to build a virtualized user-mode environment, allowing syscalls and memory accesses to be logged or intercepted. elastic.co/security-labs/… Project: github.com/x86matthew/Win…

For the hardcore reverse engineers and malware analysts out there, my ex-colleague just dropped a deep dive into 'Scatterbrain,' the obfuscator behind PoisonPlug malware. If you're into long technical breakdowns, this one's worth a read. cloud.google.com/blog/topics/th…

I've just published a new blog post where I explain various Shellcoding techniques in the Windows Kernel. There's also a GitHub repo with the code used. Hope you enjoy it! r0keb.github.io/posts/Windows-…

New blog post out! I cover two SMEP bypass techniques in the Windows Kernel: one using a Write-What-Where to flip the U/S bit in the PTE, and another via type confusion with ROP and stack pivoting. Check it out! r0keb.github.io/posts/Bypassin…

Unlock forbidden Windows knowledge! 🤫💻 Find the PEB through truly undetected means and pop calculator 💥 The non-golf form will be available below 👇 #redteamtips #windowsinternals #rust

Just dropped a blog post on NtQuerySystemInformation changes that killed an old kASLR bypass. Added some internals research too, pre & post 24H2. Check it out! r0keb.github.io/posts/kASLR-In…

obfus.h is the powerfull compile-time obfuscator for C (win32/64). Supports virtualization, anti-debugging, control flow obfuscation and other code mutation techniques to prevent disassembly or decompilation. github.com/DosX-dev/obfus… #CodeSecurity #Obfuscation #infosec

`CVE-2025-24203`: hierarchy of vm_object_t when changing `MAP_SHARED` to `MAP_PRIVATE`. The topmost object has its own physical page.

Good morning! I just published a blog post about a KASLR bypass that works on modern Windows 11 versions. It leverages Intel CPU cache timings to exfiltrate the base address of ntoskrnl.exe. I hope you like it! r0keb.github.io/posts/Bypassin…

Good morning! Just published a deep dive into PatchGuard internals: how it works, key internal functions, context init, and possible bypasses. r0keb.github.io/posts/PatchGua…

Just published a blog post exploring junk code engines used in polymorphic malware. Part one covers ETG by Z0MBiE (32-bit). Part two introduces TrashFormer, my 64-bit implementation. Both fully written in assembly. r0keb.github.io/posts/Junk-Cod…

Good morning! Just published a blog post diving into Windows Kernel Pool internals: basics, memory allocation functions, internal structures, and how Segment Heap, LFH, and VS work. r0keb.github.io/posts/Windows-…

Good Morning! Just published a blog post diving into Windows Kernel LFH exploitation in the latest Windows 24h2 build, Focusing on controlled allocations to achieve arbitrary read/write in the kernel. r0keb.github.io/posts/Modern-(…

Good Morning! Just published a blog post analyzing Hyper-V functionality, design, and key binaries, hvix64.exe (hypervisor), securekernel.exe (secure kernel), and winload.dll (boot-time loader and CPU check). r0keb.github.io/posts/Hyper-V-…

Good morning! I've just published a deep-dive into an old TP-Link router: hardware, physical interfaces, and extracted firmware, including u-boot. r0keb.github.io/posts/Tp-Link-…