Writing a Hex-Rays Plugin: VMX Intrinsics
I’ve been very excited to work with the new Hex-Rays Decompiler microcode API, and I’ve finally had the chance to sit down and build a useful plugin. This post describes the development process: the things I tried that didn’t work and the weird hacks that ultimately did.
The plugin (C++ code) is a...
FinSpy analysis – Round Two
[Security][Windows] Well, it’s been a long time coming but here’s round two of my analysis of the FinSpy sample discussed in my previous blog post. The sample’s hash is 2bbc8f46a6efc6c824e55dc3ec18e2cf4a6d594b3d4f6fa54b95a4521e0a503e and is an executable masquerading as an Adobe Flash Installer/Unins...
FinSpy analysis – Round One
[Security][Windows] In 2012 a number of FinSpy samples were found and later analysed by CitizenLab (see https://citizenlab.org/2012/07/from-bahrain-with-love-finfishers-spy-kit-exposed/). The details provided in the CitizenLab post are quite high-level; the aim of this article is to dig deep into FinS...