reverse-engineering

May 2021

We have found an exciting document that hides a whole chain of PS scripts. Unfortunately, the original document has used a coercive lure to make the victim enable macros that drop malicious artifacts. This specific document's lure is written in French "BIENVENUE DANS WORD Microsoft Word a ete mise a jour avec succes"

February 2020

Our CTO, Pedram Amini, and colleague Ero Carrera have open-sourced all the materials from a two-day reverse engineering class they taught over the years at BlackHat, the last instance being at Blackhat 2009 Federal. Written in LaTeX + Beamer, the course materials can be rendered in both slideshow (PDF) and article (PDF) modes. Additionally, the courseware includes malware samples and all requisite references, scripts, tools, exercises, and solutions.