Blog
Research notes, technical deep-dives, and thoughts on kernel security.
Reverse Engineering Chches sample, unpacking the payload from the loader binary and analysis in Binary Ninja...
reverse-engineering, malware, deobfuscation, native, C
2026-05-02

Obfuscating and Deobfuscating Basic CFF...
reverse-engineering, obfuscation, deobfuscation, native, C
2026-04-11

Reverse Engineering CFTR as a Hidden State Machine...
reverse-engineering, off-topic, science
2026-04-10

Building a first iteration of a .NET virtualization based obfuscator...
reverse-engineering, obfuscation, dotnet, il
2026-04-04

Breaking down the paired .NET IL deobfuscator, rewrite pipeline, residual analysis, and what actually survives automated simplification....
reverse-engineering, obfuscation, dotnet, il, deobfuscation
2026-04-03

Building a layered .NET IL MBA obfuscator with safe rewrite rules, deterministic template selection, growth budgets, and telemetry-backed evaluation....
reverse-engineering, obfuscation, dotnet, il, mba
2026-04-03

Step-by-step deobfuscation of a kernel driver's obfuscated ntdll export using an index-based Caesar shift, with a minimal Python reproduction....
reverse-engineering, kernel, driver, windows, obfuscation
2025-08-23