Recent posts

QAKBOT BB Configuration and C2 IPs List

4 minute read

This is my first malware blog post, hope it will be useful to someone, I’ll not go deeper in the malware details because there are plenty of detailed reports...

Emotet Malicious Excel Analysis

1 minute read

Sometime ago a friend of mine sent me a suspicious email containg a zip file with an xls, at the time I didn’t focus too much on what the file does and simpl...

DVIA v2 iOS URL Runtime Manipulation with Frida

2 minute read

After my previous blog posts about DVIA v2 Anti-Debug and Frida with Swift some guys asked me about the URL Runtime Manipulation challenge in DVIA v2. I wil...

iOS Strings Obfuscation in Swift

4 minute read

Usually when reversing an iOS Application, it’s common to see methods and strings that can help an attacker to figure out how the application works. When I’...

ELF x64 Bypass NX with mprotect()

4 minute read

In this blogpost, I’ll explain how to bypass NX using mprotect() in order to make the stack executable.

Cascade Writeup

4 minute read

Let’s start by enumerating all the services on the machine with a TCP scan:

Resolute Writeup

2 minute read

I had some problems the last week and couldn’t publish this writeup I wrote in Decembre, let’s start by enumerating all the service on the machine with a TCP...

Book Writeup

less than 1 minute read

Hello, I wrote the writeup for Book on the blog of my team!

iOS Swift Anti-Jailbreak Bypass with Frida

8 minute read

Frida is a dynamic binary instrumentation framework that has been around for a while. In a nutshell, Frida allows reverse engineers to perform activities suc...

DVIA v2 iOS Anti-Debugging Bypass with LLDB

2 minute read

This is my solution to bypass anti-debugging checks on Damn Vulnerable iOS Application v2. While reversing the application, I noticed the presence of two an...