Our Blog

Filter-Mute Operation: Investigating EDR Internal Communication

Reading time: ~21 min
Posted by jeanpascal.thomas@orangecyberdefense.com on 28 July 2023
Categories: Edr, Kernel, Reversing, Windows, Av bypass, Reverse engineering
For our annual internal hacker conference dubbed SenseCon in 2023, I decided to take a look at communication between a...

DualSense Reverse Engineering

Reading time: ~7 min
Posted by Emmanuel Cristofaro on 23 November 2020
Categories: Fun, Hardware, Playstation, Reversing, Dual-pod-shock, Dualsense, Dualshock, Sony, Stutm
Ciao belli! On the 19th of November 2020, SONY finally released the new PlayStation 5 in the UK. A few...

[Dual-Pod-Shock] Emotional abuse of a DualShock

Reading time: ~36 min
Posted by Emmanuel Cristofaro on 24 January 2020
Categories: Fun, Hardware, Playstation, Reversing
Hacking PlayStation DualShock controllers to stream audio to their internal speakers. Ciao a tutti. Introduction I didn’t really know what...

Hacking doom for fun, health and ammo

Reading time: ~20 min
Posted by Leon Jacobs on 27 November 2019
Categories: Doom, Frida, Games, Reversing, Sensecon 2019, Reverse engineering
Remember iddqd and idkfa? Those are two strings were etched into my brain at a very young age where fond...

Abusing GDI Objects for ring0 Primitives Revolution

Reading time: ~21 min
Posted by saif on 29 July 2017
Categories: Analysis, Defcon, Exploit, How-to, Materials, Reversing, Windows
Exploiting MS17-017 EoP Using Color Palettes This post is an accompaniment to the Defcon 25 talk given by Saif. One...

MAPI over HTTP and Mailrule Pwnage

Reading time: ~8 min
Posted by etienne on 01 September 2016
Categories: Pentest, Powershell, Reversing, Tools
History In December 2015 Silent Break Security wrote about “Malicious Outlook Rules” and using these to get a remote shell....

January Get Fit Reversing Challenge

Reading time: ~4 min
Posted by siavosh on 17 January 2014
Categories: Fun, Research, Reversing
Aah, January, a month where resolutions usually flare out spectacularly before we get back to the couch in February. We’d...

Dangers of Custom ASP.NET HttpHandlers

Reading time: ~2 min
Posted by behrang on 13 December 2012
Categories: Real-world, Reversing
ASP.NET HttpHandlers are interesting components of a .NET web application when performing security assessments, mainly due to the fact they...

44Con: Vulnerability analysis of the .NET smart Card Operating System

Reading time: ~1 min
Posted by behrang on 10 September 2012
Categories: 44con, Analysis, Presentations, Research, Reversing
Today’s smart cards such as banking cards and smart corporate badges are capable of running multiple tiny applications which are...

RSA SecureID software token update

Reading time: ~4 min
Posted by behrang on 24 May 2012
Categories: Analysis, Research, Reversing, Rsa, Secureid
There has been a healthy reaction to our initial post on our research into the RSA SecureID Software Token. A...

A closer look into the RSA SecureID software token

Reading time: ~7 min
Posted by behrang on 17 May 2012
Categories: Analysis, Research, Reversing
Widespread use of smart phones by employees to perform work related activities has introduced the idea of using these devices...

Mobile Security Summit 2011

Reading time: ~1 min
Posted by saurabh on 01 November 2011
Categories: Conferences, Mobile, Research, Reversing, Tools
This week, Charl van der Walt and I (Saurabh) spoke at Mobile Security Summit organized by IIR (http://www.iir.co.za/detail.php?e=2389). Charl was...

Decrypting iPhone Apps

Reading time: ~7 min
Posted by saurabh on 24 October 2011
Categories: Crypto, Howto, Ios, Report-info, Reversing
This blog post steps through how to convert encrypted iPhone application bundles into plaintext application bundles that are easier to...

Analysis of a UDP worm

Reading time: ~4 min
Posted by behrang on 25 October 2010
Categories: Real-world, Research, Reversing
Introduction From time to time I like to delve into malware analysis as a pastime and post interesting examples, and...

Decrypting Symantec BackupExec passwords

Reading time: ~1 min
Posted by behrang on 05 March 2010
Categories: Crypto, Reversing, Tricks
BackupExec agent is often among common services found on the internal pen tests. The agent software stores an encrypted “logon...

QoW: Software Reversing and Exploitation

Reading time: ~1 min
Posted by behrang on 22 January 2009
Categories: Qo[w|m|?], Research, Reversing
I’ve developed a FTP like multi-threaded server application as a target for this challenge of the month. It has been...

Lets hope it does better than netsec.reddit..

Reading time: Less than a minute
Posted by Haroon Meer on 11 September 2008
Categories: Programming, Reversing
Introducing [http://www.reddit.com/r/ReverseEngineering/] (like its name suggests, a reddit thats all about Code RE..)

Adobe APSB08-15 Patch Reversing

Reading time: ~1 min
Posted by behrang on 27 August 2008
Categories: Reversing
APSB08-15 is the latest adobe security advisory regarding a memory corruption vulnerabilty in Acrobat Reader versions <8.1.2 As expected, the advisory...