Tag: re

Adding Automation to Blue-Jupyter Malware Notebook

Automating malware sample discovery with a Jupyter notebook that downloads from Malware Bazaar and runs Capa capability analysis on each sample automatically.

IOLI Crackme 0x04

IOLI Crackme 0x04 walkthrough — the password is any string of digits whose digits sum to 15, revealed by tracing the sscanf-driven accumulation loop through static analysis in IDA.

IOLI Crackme 0x03

IOLI Crackme 0x03 walkthrough — reverse engineering a Caesar-style cipher that shifts each character by 3 to decode garbled success and failure strings.

Maldoc101 Writeup (Part 2)

Continuing the Maldoc101 malware analysis — decoding obfuscated VBA string concatenation to reveal WMI class references used for process execution.

Maldoc101 Writeup (Part 1)

Step-by-step maldoc analysis of the Maldoc101 challenge using oledump and olevba — deobfuscating VBA macros and tracing the WMI process execution chain.

IOLI Crackme 0x02

IOLI Crackme 0x02 walkthrough — computing the password via static analysis of the x86 arithmetic, then confirming it dynamically by stepping through the check in IDA's debugger.

Introducing shcode2exe

shcode2exe converts raw shellcode blobs or hex strings into debuggable executables targeting 32- or 64-bit Windows, with no Wine dependency when run on Linux.

IOLI Crackme 0x01

IOLI Crackme 0x01 walkthrough — converting hex to decimal to find the password, plus a closer look at how arguments are passed to functions in x86 assembly.

IOLI Crackme 0x00

IOLI Crackme 0x00 walkthrough — finding the hardcoded password in IDA Pro and patching the binary to accept any input by changing the conditional jz to an unconditional jmp.