RCE Endeavors 😅

Because why not… Follow here at your choosing: https://twitter.com/codereversing

I’ve updated the e-mail for feedback or long/private questions and comments to Base64Dec(ZmVlZGJhY2tAY29kZXJldmVyc2luZy5jb20=). The previous e-mail was set to receive WordPress updates on comments that were pending on this blog. Naturally this led to the inbox being flooded with hundreds of spam e-mails per week and that feature has now been turned off. People e-mailing the above address should actually receive timely responses, and the anti-spam plugins that I have installed should hopefully make approving comments easier as well — instead of not approving them at all due to the sheer volume.

Recently a lot of side projects have been taking up free my time so I have not had a lot of time to post anything. I want to post this list of what I plan to have for the future as further motivation:

1. VM-based binary protection and/or VM-based malware techniques. I’ve been looking through the TinyVM project and finding some interesting things elsewhere that could be applied to those two topics.
2. Malware reversal, start to finish. Starting at the unpacking state and going into (probably dynamic) analysis of what a piece of malware does.
3. Generic DirectX/OpenGL hooking to make add-ons to games

These are just three of many things planned for the future. I have no set deadline for when any of these posts will be coming out or in what order. However, I would say one of these will be posted relatively soon — perhaps near the end of the following month or the first week of September.

I’ve put this blog up to help me stay focused and organized on my reverse engineering projects. In the future, it will contain posts about any sort of low level analysis that I do and my progress on it. For the time being, upcoming posts will focus mainly on x86 and x86-64 reverse engineering of applications until I get comfortable and experienced enough to branch out into other architectures, or into the CLR and/or JVM. I’m continually learning more about the field, and as such future posts may contain slight errors in my analysis of disassembled programs/code snippets. I’ll try to minimize this as much as possible and may revise old posts as I get a better understanding of things. I’ll end this initial post with a quote:

If you think technology can solve your security problems, then you don’t understand the problems and you don’t understand the technology.  – Bruce Schneier