DISASSEMBLE EVERYTHING

Writeups on malware analysis, reverse engineering, and CTF challenges — the methodology, the dead ends, and the flag at the end.


NSA Codebreaker 2025 T2

A walkthrough of the NSA Codebreaker 2025 T1 challenge detailing how a forensic analysis of a PCAP in Wireshark uncovered a rogue DNS server, suspicious FTP activity, and multiple IP addresses assigned to a malicious device.

forensics
5 min · 2026-02-21

NSA Codebreaker 2025 T1

A walkthrough of the NSA Codebreaker 2025 T1 challenge detailing the forensic analysis of a Linux EXT2 image to uncover a hidden malicious artifact and extract its SHA-1 hash.

re forensics
2 min · 2026-02-21

PicoCTF Investigative Reversing 0

In this write-up for the picoCTF challenge "Investigative Reversing 0," we tackle the transformation of flag data in mystery.png. By analyzing how the program modifies the data and applying the reverse logic, we’ll decode the hidden flag.

ctf forensics picoctf
11 min · 2024-07-24

PicoCTF WebNet1

In this write-up for the picoCTF challenge "WebNet1", we decrypt TLS traffic using a provided private key. Follow along as we use Wireshark to extract decrypted HTTP files and uncover the flag through analysis.

ctf forensics picoctf
2 min · 2024-07-16

Flare-on 1 Challenge 5

In this blog post, I explore the 5get_it challenge from the FireEye Flare-On series, where I used Ghidra to dissect a 32-bit Windows DLL.

re ctf flare-on
1 min · 2024-07-11

Flare-on 1 Challenge 4

Dive into the depths of APT9001.pdf, a deceptive PDF file with hidden obfuscated JavaScript and encoded payloads. Using powerful tools like Origami and ndisasm, this post guides you through the meticulous process of deobfuscation, extraction, and shellcode analysis. Join me as we unravel the secrets within and uncover the hidden flag!

re ctf flare-on
4 min · 2024-07-10

Flare-on 1 Challenge 3

Uncover the complexities of `such_evil`, a challenge from Flare-On 1 that is a 32-bit Windows executable (PE32). Initially appearing normal, it conceals intricate shellcode and decodes strings dynamically during runtime. Whether you're new to CTF challenges or seasoned, join me in decoding the puzzle.

re ctf flare-on
2 min · 2024-07-03

Flare-on 1 Challenge 2

This post delves into dissecting a PHP script hidden within a PNG file, revealing the process of unraveling intricate layers of obfuscation. From discovering the script in the archive to decoding mixed hex and octal data, I'll guide you through the steps. Whether you're a beginner or seasoned in CTFs, let's decode this challenge together.

re ctf flare-on
14 min · 2024-07-03

Unveiling Native Java Secrets in APKs

Join me as we tackle the picoCTF challenge 'Droids 4', exploring native Java secrets in APKs and decoding the puzzle to reveal the flag. From dissecting binaries to scripting Python for decryption, this journey offers valuable insights into creative reverse engineering. Grab your coffee and join the adventure!

re ctf picoctf java apk
5 min · 2024-06-29

Flare-on 1 Challenge 1

Embark on an adventure with me as I dive into a challenge from the FireEye Flare-On CTF. In this post, we'll go over the first challenge from Flare-on 1. I'll share my methodologies and the tools I use to navigate these intricate digital puzzles, offering insights and practical tips for anyone from beginners to seasoned pros. So, grab a coffee and let's explore the excitement of Flare-On together!

re ctf flare-on
1 min · 2024-06-29

Unraveling the Mysteries of Malware in the Wild

Join me on a journey as I find a random piece of malware and take it apart, piece by piece. I'll show you some of my methodologies and tooling to uncover hidden functions and understand the malware's true purpose. Whether you're new to malware analysis or a seasoned pro, this post will offer insights and practical tips for exploring the fascinating world of reverse engineering. Grab a coffee and let's dive into the mysteries of malicious code together!

re malware
17 min · 2024-05-14
