1. |
Attacking the heart of an OpenRG modem |
reverser@put.as (fG!) |
|
2. |
Knock Knock! Who's There? - An NSA VM |
reverser@put.as (fG!) |
|
3. |
How to build a custom and distributable lldb |
reverser@put.as (fG!) |
|
4. |
How to use GitHub Actions and private repositories to deploy a Hugo static site |
reverser@put.as (fG!) |
|
5. |
The Finfisher Tales, Chapter 1: The dropper |
reverser@put.as (fG!) |
|
6. |
Is macOS under the biggest malware attack ever? |
reverser@put.as (fG!) |
|
7. |
Blog Update |
reverser@put.as (fG!) |
|
8. |
FruitFly's dropper script and its missing tricks |
reverser@put.as (fG!) |
|
9. |
Why I Left Twitter |
reverser@put.as (fG!) |
|
10. |
How to make LLDB a real debugger |
reverser@put.as (fG!) |
|
11. |
Crafting an EFI Emulator and Interactive Debugger |
reverser@put.as (fG!) |
|
12. |
Keygenning Carbon Copy Cloner Keychain Password |
reverser@put.as (fG!) |
|
13. |
Reversing and Keygenning qwertyoruiop's Crackme |
reverser@put.as (fG!) |
|
14. |
lldbinit - Improving LLDB |
reverser@put.as (fG!) |
|
15. |
Measuring OS X Meltdown Patches Performance |
reverser@put.as (fG!) |
|
16. |
Exploiting CVE-2017-5123 |
reverser@put.as (fG!) |
|
17. |
How to compile AFL's LLVM mode in OS X |
reverser@put.as (fG!) |
|
18. |
Papers |
reverser@put.as (fG!) |
|
19. |
gdbinit |
reverser@put.as (fG!) |
|
20. |
Blog migration to Hugo |
reverser@put.as (fG!) |
|
21. |
Armory Sandbox – Building a USB analyzer with USB armory |
reverser@put.as (fG!) |
|
22. |
EFI Swiss Knife – An IDA plugin to improve (U)EFI reversing |
reverser@put.as (fG!) |
|
23. |
Shut up snitch! – reverse engineering and exploiting a critical Little Snitch vulnerability |
reverser@put.as (fG!) |
|
24. |
Apple EFI firmware passwords and the SCBO myth |
reverser@put.as (fG!) |
|
25. |
SyScan360 Singapore 2016 slides and exploit code |
reverser@put.as (fG!) |
|
26. |
The Italian morons are back! What are they up to this time? |
reverser@put.as (fG!) |
|
27. |
Reversing Apple’s syslogd bug |
reverser@put.as (fG!) |
|
28. |
Gatekeerper – A kernel extension to mitigate Gatekeeper bypasses |
reverser@put.as (fG!) |
|
29. |
London and Asia EFI monsters tour! |
reverser@put.as (fG!) |
|
30. |
Rootfool – a small tool to dynamically disable and enable SIP in El Capitan |
reverser@put.as (fG!) |
|
31. |
Writing Bad @$$ Lamware for OS X |
reverser@put.as (fG!) |
|
32. |
BSides Lisbon and SECUINSIDE 2015 presentations |
reverser@put.as (fG!) |
|
33. |
Reversing Prince Harming’s kiss of death |
reverser@put.as (fG!) |
|
34. |
The Empire Strikes Back Apple – how your Mac firmware security is completely broken |
reverser@put.as (fG!) |
|
35. |
How to fix rootpipe in Mavericks and call Apple’s bullshit bluff about rootpipe fixes |
reverser@put.as (fG!) |
|
36. |
How to bypass Google’s Santa LOCKDOWN mode |
reverser@put.as (fG!) |
|
37. |
BadXNU, a rotten apple! – CodeBlue 2014, SyScan 2015 slides and source code |
reverser@put.as (fG!) |
|
38. |
https is now (finally) supported! |
reverser@put.as (fG!) |
|
39. |
Happy New Year! |
reverser@put.as (fG!) |
|
40. |
Patching what Apple doesn’t want to or how to make your “old” OS X versions a bit safer |
reverser@put.as (fG!) |
|
41. |
Can I SUID: a TrustedBSD policy module to control suid binaries execution |
reverser@put.as (fG!) |
|
42. |
The double free mach port bug: The short story of a dead 0day |
reverser@put.as (fG!) |
|
43. |
Shakacon #6 presentation: Fuck you Hacking Team, From Portugal with Love. |
reverser@put.as (fG!) |
|
44. |
About the processor_set_tasks() access to kernel memory vulnerability |
reverser@put.as (fG!) |
|
45. |
Revisiting Mac OS X Kernel Rootkits Phrack article is finally out! |
reverser@put.as (fG!) |
|
46. |
Rex vs The Romans – Anti Hacking Team Kernel Extension |
reverser@put.as (fG!) |
|
47. |
Teaching Rex another TrustedBSD trick to hide from Volatility |
reverser@put.as (fG!) |
|
48. |
Don’t die GDB, we love you: kgmacros ported to Mavericks. |
reverser@put.as (fG!) |
|
49. |
Analysis of CoinThief/A "dropper" |
reverser@put.as (fG!) |
|
50. |
AppleDoesntGiveAFuckAboutSecurity iTunes Evil Plugin Proof of Concept |
reverser@put.as (fG!) |
|
51. |
Updated version of Onyx The Black Cat |
reverser@put.as (fG!) |
|
52. |
Linux/HackingTeamRDorks.A, a “new” and improved version of Linux/CDorked.A |
reverser@put.as (fG!) |
|
53. |
Breaking OS X signed kernel extensions with a NOP |
reverser@put.as (fG!) |
|
54. |
One small patch for GDB, one giant leap for reversers! |
reverser@put.as (fG!) |
|
55. |
Why ESET’s OS X Rootkit Detector is useless... |
reverser@put.as (fG!) |
|
56. |
SyScan360 Beijing slides |
reverser@put.as (fG!) |
|
57. |
HiTCON 2013 slides |
reverser@put.as (fG!) |
|
58. |
Gone in 59 seconds: tips and tricks to bypass AppMinder’s Jailbreak detection |
reverser@put.as (fG!) |
|
59. |
Another gift: Crackme #1 source code from hell! |
reverser@put.as (fG!) |
|
60. |
Clapzok.A: reversing the OS X part of a multiplatform PoC infector |
reverser@put.as (fG!) |
|
61. |
Gimmedebugah: how to embedded a Info.plist into arbitrary binaries |
reverser@put.as (fG!) |
|
62. |
The "all" new Onyx The Black Cat! |
reverser@put.as (fG!) |
|
63. |
NoSuchCon #1 debrief and slides |
reverser@put.as (fG!) |
|
64. |
Hydra, the sample util I am unable to describe! |
reverser@put.as (fG!) |
|
65. |
There is an error in my SyScan slides! |
reverser@put.as (fG!) |
|
66. |
SyScan13: Revisiting Mac OS X Rootkits presentation |
reverser@put.as (fG!) |
|
67. |
How to compile GDB in Mountain Lion (updated) |
reverser@put.as (fG!) |
|
68. |
OS.X/Boubou – Mach-O infector PoC source code |
reverser@put.as (fG!) |
|
69. |
Ice the Guardian v2, the OS X anti-lamware |
reverser@put.as (fG!) |
|
70. |
Happy new year, 2013 edition! |
reverser@put.as (fG!) |
|
71. |
A quick review of Mac OS X and iOS Internals – To the Apple’s Core |
reverser@put.as (fG!) |
|
72. |
Otool-ng – a set of small patches to Apple’s otool |
reverser@put.as (fG!) |
|
73. |
Kextstat_ASLR util or how to start hiding your kernel rootkit in Mountain Lion |
reverser@put.as (fG!) |
|
74. |
5 years of reverse.put.as |
reverser@put.as (fG!) |
|
75. |
My first Hackintosh |
reverser@put.as (fG!) |
|
76. |
OS X Malware at Confraria de Segurança da Informação presentation slides |
reverser@put.as (fG!) |
|
77. |
Tales from Crisis, Chapter 4: A ghost in the network |
reverser@put.as (fG!) |
|
78. |
Tales from Crisis, Chapter 3: The Italian Rootkit Job |
reverser@put.as (fG!) |
|
79. |
Tales from Crisis, Chapter 2: Backdoor’s first steps |
reverser@put.as (fG!) |
|
80. |
Tales from Crisis, Chapter 1: The dropper’s box of tricks |
reverser@put.as (fG!) |
|
81. |
ExtractMachO: an IDA plugin to extract Mach-O binaries from disassembly |
reverser@put.as (fG!) |
|
82. |
HITCON 2012 Review and slides |
reverser@put.as (fG!) |
|
83. |
Secuinside 2012 Review and Slides |
reverser@put.as (fG!) |
|
84. |
See you in Asia! |
reverser@put.as (fG!) |
|
85. |
"Sandwich" CrackMe tutorial by qwertyoruiop |
reverser@put.as (fG!) |
|
86. |
A little social and economics experiment |
reverser@put.as (fG!) |
|
87. |
How to compile GDB for iOS! |
reverser@put.as (fG!) |
|
88. |
gdbinit v8.0: simultaneous support for x86/x86_64 and ARM architectures! |
reverser@put.as (fG!) |
|
89. |
Dynamic Code Encryption in OS X: the crackme example! |
reverser@put.as (fG!) |
|
90. |
A small improvement to OS X “rootkitery”: bruteforcing sysent discovery, fast & easy! |
reverser@put.as (fG!) |
|
91. |
AV-monster: the monster that loves yummy OS X anti-virus software |
reverser@put.as (fG!) |
|
92. |
Obfuscation #2: Playing entrypoint hide & seek game with dyld |
reverser@put.as (fG!) |
|
93. |
A little more fun with Mach-O headers: adding and spoofing a constructor |
reverser@put.as (fG!) |
|
94. |
Anti-disassembly & obfuscation #1: Apple doesn’t follow their own Mach-O specifications? |
reverser@put.as (fG!) |
|
95. |
Anti-debug trick #1: Abusing Mach-O to crash GDB |
reverser@put.as (fG!) |
|
96. |
We have a crackme winner!!! |
reverser@put.as (fG!) |
|
97. |
My first crackme... from hell, I hope :-) |
reverser@put.as (fG!) |
|
98. |
A Mac OS X port of Phrack’s CheckIDT util by kad, or another way to retrieve sysent address |
reverser@put.as (fG!) |
|
99. |
gdbinit v7.4.4 – the skip command |
reverser@put.as (fG!) |
|
100. |
Some comments about plugin-alliance.com protection... |
reverser@put.as (fG!) |
|
101. |
Merry Christmas, Happy New Year and some notes... |
reverser@put.as (fG!) |
|
102. |
Evil iTunes Plugins from Hell |
reverser@put.as (fG!) |
|
103. |
gdbinit v7.4.3 |
reverser@put.as (fG!) |
|
104. |
Display Mach-O headers plugin for IDA |
reverser@put.as (fG!) |
|
105. |
How to create IDA C/C++ plugins with Xcode |
reverser@put.as (fG!) |
|
106. |
Using OS X TrustedBSD framework to protect critical files |
reverser@put.as (fG!) |
|
107. |
Poking around Sentinel HASP Envelope for Mac OS X :-) |
reverser@put.as (fG!) |
|
108. |
A small rant about dongles: the developer who can’t correctly implement a HASP! |
reverser@put.as (fG!) |
|
109. |
Fixes for the TrustedBSD backdoor – Rex the wonder dog v0.2 |
reverser@put.as (fG!) |
|
110. |
Abusing OS X TrustedBSD framework to install r00t backdoors... |
reverser@put.as (fG!) |
|
111. |
4th anniversary... |
reverser@put.as (fG!) |
|
112. |
Apple Sandbox Guide v1.0 |
reverser@put.as (fG!) |
|
113. |
Apple’s Sandbox Guide v0.1 – early draft release |
reverser@put.as (fG!) |
|
114. |
Using Apple’s sandbox feature for reversing purposes |
reverser@put.as (fG!) |
|
115. |
Removing iTunes 10.4 m3u processing feature with a small loader |
reverser@put.as (fG!) |
|
116. |
Another patch for Apple’s GDB: the define/commands problem |
reverser@put.as (fG!) |
|
117. |
How GDB disables ASLR in Mac OS X Lion |
reverser@put.as (fG!) |
|
118. |
gdbinit v7.4.2, Github and Twitter |
reverser@put.as (fG!) |
|
119. |
gdbinit v7.4 |
reverser@put.as (fG!) |
|
120. |
Added a new page, Papers & Presentations |
reverser@put.as (fG!) |
|
121. |
A little vulnerability in The Heist iOS game or how to get (more) free Steam codes for Eets game! |
reverser@put.as (fG!) |
|
122. |
How to remove iPad/iPhone/iPod Touch encrypted backups password if you forgot it |
reverser@put.as (fG!) |
|
123. |
An interview with CrackZ and (incomplete) source code to Contract Killer "trainer" |
reverser@put.as (fG!) |
|
124. |
Newsflash: How to fuck up 40 million USD – The New York Times paywall and its iPad app |
reverser@put.as (fG!) |
|
125. |
Hacking a freemium iOS app: Contract Killer … or unlimited play without spending a dime (or any other currency) |
reverser@put.as (fG!) |
|
126. |
Small update to gdbinit and to the website |
reverser@put.as (fG!) |
|
127. |
Update to GDB patches – fix for a "new" bug |
reverser@put.as (fG!) |
|
128. |
There’s a new protection in town, Software Passport, from the developers of Armadillo :-) |
reverser@put.as (fG!) |
|
129. |
It’s not my war but... |
reverser@put.as (fG!) |
|
130. |
Universe’s best and legal Mac OS X reversing tutorial for newbies (or maybe not!) |
reverser@put.as (fG!) |
|
131. |
Another update to gdbinit for iOS and ARM support to ptool.pl and offset.pl |
reverser@put.as (fG!) |
|
132. |
Need help with code signing in iOS! |
reverser@put.as (fG!) |
|
133. |
gdbinit v0.1 for iOS (iPad at least :-)) |
reverser@put.as (fG!) |
|
134. |
How to make an iPad connect thru a ssh SOCKS proxy + iOS "spyware" |
reverser@put.as (fG!) |
|
135. |
Why cracking the vast majority of Mac apps isn’t that sexy... |
reverser@put.as (fG!) |
|
136. |
Reversing the exit(173) from the Mac App Store |
reverser@put.as (fG!) |
|
137. |
The sad state of reverse engineering software/hardware protections |
reverser@put.as (fG!) |
|
138. |
The Mac App Store... Security broken by design? |
reverser@put.as (fG!) |
|
139. |
A semi-automated way to find sysent |
reverser@put.as (fG!) |
|
140. |
A new GDB frontend and some pics from the past |
reverser@put.as (fG!) |
|
141. |
GDB anti-debug, Otool/otx anti-disassembly… It’s Challenge number 3 !!! |
reverser@put.as (fG!) |
|
142. |
How to Keygen MSJ Kracking Challenge ’10 – Challenge #1 |
reverser@put.as (fG!) |
|
143. |
Very small update... |
reverser@put.as (fG!) |
|
144. |
Onyx the Black Cat v0.4 for Snow Leopard |
reverser@put.as (fG!) |
|
145. |
OS X Crackmes |
reverser@put.as (fG!) |
|
146. |
gdbinit v7.3 |
reverser@put.as (fG!) |
|
147. |
reverse.put.as is back in a new format... |
reverser@put.as (fG!) |
|
148. |
Brief analysis of the VLOK protection |
reverser@put.as (fG!) |
|
149. |
A new util to process Mach-O binaries information (or a replacement to otool -l) |
reverser@put.as (fG!) |
|
150. |
Happy new year and a small christmas gift! |
reverser@put.as (fG!) |
|
151. |
Snow Leopard impact into reverse engineering world... |
reverser@put.as (fG!) |
|
152. |
Small gdbinit update... |
reverser@put.as (fG!) |
|
153. |
GDB patches |
reverser@put.as (fG!) |
|
154. |
Anatomy of a GDB anti-debug trick part II: GDB isn’t alone! |
reverser@put.as (fG!) |
|
155. |
Reversing Pokerstars online poker client (I hope they aren’t from Vegas !!!) |
reverser@put.as (fG!) |
|
156. |
Anatomy of a GDB anti-debug trick |
reverser@put.as (fG!) |
|
157. |
Fix for Apple’s GDB bug or why Apple forks are bad... |
reverser@put.as (fG!) |
|
158. |
Workaround for Apple’s GDB bug... |
reverser@put.as (fG!) |
|
159. |
gdbinit 7.1.7 and some bla bla bla... |
reverser@put.as (fG!) |
|
160. |
A little disassembler for MPress packer... |
reverser@put.as (fG!) |
|
161. |
How to dump a MPress packed binary... |
reverser@put.as (fG!) |
|
162. |
A memory dumper for Apple crypted binaries! Hurray !!! |
reverser@put.as (fG!) |
|
163. |
How to dump an Apple protected binary |
reverser@put.as (fG!) |
|
164. |
"Removing" Apple code signing from a binary... |
reverser@put.as (fG!) |
|
165. |
Cracking a Mac OS X Screensaver |
reverser@put.as (fG!) |
|
166. |
A bunch of old tutorials... |
reverser@put.as (fG!) |
|
167. |
Defeating Little Snitch and thinking about piracy... |
reverser@put.as (fG!) |
|
168. |
Onyx The Black Cat v0.3 |
reverser@put.as (fG!) |
|
169. |
Mach-O binary offset calculator |
reverser@put.as (fG!) |
|
170. |
Why is kernel debugging fun? |
reverser@put.as (fG!) |
|
171. |
Mac OS X Kernel debugging with VMware |
reverser@put.as (fG!) |
|
172. |
Serial phishing tutorial !!! It’s hot hot hot ;) |
reverser@put.as (fG!) |
|
173. |
World’s best Mac OS X reversing tutorial for newbies (or maybe not!) |
reverser@put.as (fG!) |
|
174. |
iWork/Photoshop Trojan or Botnet Binary found |
reverser@put.as (fG!) |
|
175. |
Gdbinit v7.1.6 |
reverser@put.as (fG!) |
|
176. |
How to compile GDB and other Apple open source packages in Mac OS X |
reverser@put.as (fG!) |
|
177. |
Mailing list and IRC channel |
reverser@put.as (fG!) |
|
178. |
More gdbinit addons! |
reverser@put.as (fG!) |
|
179. |
A lazy xmas gift or a lazy addon to gdbinit |
reverser@put.as (fG!) |
|
180. |
Apple’s GDB Bug? |
reverser@put.as (fG!) |
|
181. |
What’s wrong in this picture? |
reverser@put.as (fG!) |
|
182. |
gdbinit version 7.0 (and 7.1) |
reverser@put.as (fG!) |
|
183. |
Onyx The Black Cat v0.2 |
reverser@put.as (fG!) |
|
184. |
Extended attributes in Mac OS X and Remote Buddy |
reverser@put.as (fG!) |
|
185. |
Onyx The Black Cat v0.1 – Anti Anti-debug kernel module |
reverser@put.as (fG!) |
|
186. |
The IDA Pro Book: The Unofficial Guide to the World’s Most Popular Disassembler |
reverser@put.as (fG!) |
|
187. |
"Hacker" Challenge |
reverser@put.as (fG!) |
|
188. |
PTHPasteboard 4.4.0! Generic Mac OS X protector is found? |
reverser@put.as (fG!) |
|
189. |
News... |
reverser@put.as (fG!) |
|
190. |
Little Snitch continued or the broken nib files! |
reverser@put.as (fG!) |
|
191. |
Kernel module for syscall interception and fixing ptrace |
reverser@put.as (fG!) |
|
192. |
Mac OS X Age of Empires III 1.0.4 NO CD patch |
reverser@put.as (fG!) |
|
193. |
Mac OS X Code injection |
reverser@put.as (fG!) |
|
194. |
More Mac OS X anti-debugging |
reverser@put.as (fG!) |
|
195. |
How to bypass a protection with a single byte |
reverser@put.as (fG!) |
|
196. |
Reversing You Control Desktops v1.2 |
reverser@put.as (fG!) |
|
197. |
How to change /etc/hosts |
reverser@put.as (fG!) |
|
198. |
Change network card MAC address |
reverser@put.as (fG!) |
|
199. |
GDB input radix option |
reverser@put.as (fG!) |
|
200. |
Must have tools |
reverser@put.as (fG!) |
|
201. |
Patches |
reverser@put.as (fG!) |
|
202. |
Crackmes |
reverser@put.as (fG!) |
|
203. |
About |
reverser@put.as (fG!) |
|