Tag

Reverse Engineering

Deepin Linux
Aug 19, 2024 · Fundamentals

Using GDB to Debug Executables Without Debug Information

This article provides a comprehensive guide on how to employ GDB for debugging programs that lack symbol information, covering basic commands, breakpoint techniques, core‑dump analysis, reverse debugging, and a practical example of integrating VSCode, GDB, and QEMU to debug an ARM64 Linux kernel.

GDB · Reverse Engineering · debugging
0 likes · 33 min read
IT Services Circle
Jul 15, 2024 · Fundamentals

Understanding Stack Pointer Corruption When Mixing RSP and ESP in 64‑bit Windows: A Reverse‑Engineering Case Study

The article analyzes a crash that occurs on Windows 10 when a 64‑bit program mixes RSP and ESP instructions, explains how writing to the 32‑bit ESP register zero‑extends the upper 32 bits of RSP, and shows how this stack‑pointer mismatch leads to an access‑violation error that does not appear on Windows 7.

Reverse Engineering · assembly · debugging
0 likes · 6 min read
Rare Earth Juejin Tech Community
Jul 13, 2024 · Information Security

OpenCoreAnalysisKit: Open‑Source Offline Memory Core File Analysis Suite for Android

This article introduces the OpenCoreAnalysisKit project, an open‑source suite for offline analysis of Android Core memory files across multiple architectures, detailing its components, build requirements, usage guides for kernel‑ and user‑mode debugging, and various command‑line tools and code snippets for comprehensive reverse‑engineering and memory‑analysis workflows.

Android · Core Dump · Reverse Engineering
0 likes · 20 min read
Python Programming Learning Circle
Jun 24, 2024 · Backend Development

Technical Overview of Ticket‑Grabbing: Selenium Automation and API Reverse Engineering

This article explains the ticket‑purchasing workflow, identifies critical timing points for successful ticket grabbing, and presents two common technical approaches—browser automation with Selenium and reverse‑engineering ticket‑booking APIs—to automate the process, while warning about limitations and legal considerations.

Python · Reverse Engineering · Selenium
0 likes · 6 min read
IT Services Circle
Jun 18, 2024 · Information Security

Removing WinRAR Advertisement Popup by Reverse Engineering and Binary Patching

This tutorial explains how to locate and eliminate the persistent WinRAR advertisement window by using Spy++, API Monitor, and IDA to identify the RarReminder class, find the CreateWindow call at offset 0xaa56d, and replace the call instruction with NOP bytes, effectively disabling the popup.

Ad Removal · Reverse Engineering · WinRAR
0 likes · 5 min read
Java Tech Enthusiast
Jun 9, 2024 · Information Security

Exploring Hidden x86 CPU Instructions and Their Security Implications

The article investigates undocumented x86 opcodes, describing a depth‑first search that uses page‑faults to locate hidden instruction boundaries, and reports finding dozens of executable but undocumented instructions on Intel and AMD CPUs, highlighting potential security risks and the need for vigilant hardware analysis.

Reverse Engineering · assembly · cpu
0 likes · 9 min read
Python Programming Learning Circle
Apr 23, 2024 · Fundamentals

How to Decompile a Python .exe Back to Python Source Code

This guide explains how to extract .pyc files from a Python‑generated executable, restore missing bytecode headers, and use tools such as pyinstxtractor, pyi‑archive_viewer, and uncompyle6 to decompile the bytecode back into readable Python scripts while highlighting common pitfalls and protection mechanisms.

Executable · Python · Reverse Engineering
0 likes · 12 min read
Tencent Cloud Developer
Nov 2, 2023 · Artificial Intelligence

Reverse Engineering GitHub Copilot: Architecture and Implementation Analysis

The article reverse‑engineers GitHub Copilot’s VSCode extension, detailing how its webpack‑bundled JavaScript is unpacked, its registerGhostText entry point identified, and its prompt‑building, multi‑layer caching, debouncing, and Jaccard‑based similarity mechanisms operate, offering insights into AI‑assisted code completion design.

AI programming assistant · GitHub Copilot · Jaccard similarity
0 likes · 31 min read
37 Interactive Technology Team
May 8, 2023 · Information Security

Android Reverse Engineering: Process, Tools, and Code Examples

Android reverse engineering involves extracting an APK, decompiling it with tools like apktool, dex2jar, or JADX, analyzing and modifying Smali or Java code, recompiling and signing the package with jarsigner, and testing the changes, while using adb commands to retrieve the original file and emphasizing deeper analysis for robust security.

APK · APKTool · Android
0 likes · 10 min read
360 Tech Engineering
Apr 21, 2023 · Information Security

FirmAE: Automated Firmware Emulation and Vulnerability Analysis – Installation, Usage, and Zyxel Router Case Study

This article introduces FirmAE, an automated framework for firmware emulation and vulnerability analysis, details its installation and usage steps on Ubuntu, and presents a comprehensive reverse‑engineering case study of a Zyxel router firmware to illustrate troubleshooting and manual analysis techniques.

Automation · Emulation · FirmAE
0 likes · 8 min read
37 Interactive Technology Team
Nov 7, 2022 · Mobile Development

iOS App Unpacking Tutorial Using dumpdecrypted and frida‑ios‑dump

This tutorial walks through jailbreaking an iPhone, configuring Cydia and Frida, then using either dumpdecrypted or frida‑ios‑dump to strip the App Store protection shell, rebuild the IPA with a decrypted binary, and extract class headers, while addressing typical connection and compatibility problems.

Frida · Mobile Security · Reverse Engineering
0 likes · 10 min read
HomeTech
Aug 11, 2022 · Fundamentals

Mach-O File Format: Dynamic and Static Library Attribution and API Scanning Solutions

This article introduces the Mach-O executable format, explains how its structure can be leveraged to attribute dynamic and static libraries at runtime and during build, and presents two practical projects—library attribution and fast API scanning—complete with implementation details and code snippets.

API scanning · Binary Analysis · Mach-O
0 likes · 15 min read
IT Services Circle
Apr 15, 2022 · Information Security

Exploring Hidden x86 CPU Instructions and Their Security Implications

The article investigates whether modern x86 CPUs contain undocumented or hidden instructions, explains how to search the instruction space using a depth‑first algorithm that leverages page‑fault side‑effects to determine instruction length, and presents the results of uncovering such hidden opcodes on Intel and AMD processors, highlighting the potential security risks.

Reverse Engineering · cpu · hidden instructions
0 likes · 11 min read
Python Programming Learning Circle
Mar 15, 2022 · Artificial Intelligence

Reverse Engineering NetEase Cloud Music API to Scrape Comments and Perform Sentiment Analysis

This article demonstrates how to reverse‑engineer the NetEase Cloud Music web API to extract encrypted parameters, use Python to fetch song comments, and apply SnowNLP for sentiment analysis and word‑cloud visualization, providing a step‑by‑step guide with code examples.

API · NetEase Music · Python
0 likes · 20 min read
High Availability Architecture
Mar 11, 2022 · Information Security

Technical Analysis of Y‑BotManager Anti‑Spam Mechanism and SensorData Reverse Engineering

This article presents a detailed technical analysis of the Y‑BotManager anti‑spam system, describing its architecture, the reverse‑engineering process of its SensorData generation, the device and user‑interaction features used for bot detection, and the practical attempts to bypass the protection.

Reverse Engineering · anti-spam · bot detection
0 likes · 12 min read
IT Services Circle
Feb 22, 2022 · Backend Development

Understanding RPC and Its Use in Web Reverse Engineering with Sekiro

This article explains the concept of Remote Procedure Call (RPC), demonstrates how to apply RPC for web reverse engineering by injecting JavaScript through WebSocket communication, and introduces the Sekiro framework and related tools for automating encryption parameter retrieval in browser environments.

Automation · JavaScript · RPC
0 likes · 15 min read
Python Programming Learning Circle
Nov 24, 2021 · Information Security

How to Decompile a PyInstaller‑Packed Executable Using pyinstxtractor and uncompyle6

This guide explains how to unpack a PyInstaller‑packed executable, restore the stripped .pyc header using a binary editor, and decompile the resulting file with uncompyle6, providing a step‑by‑step workflow for Python reverse‑engineering.

010editor · Reverse Engineering · decompilation
0 likes · 3 min read
Sohu Tech Products
Oct 20, 2021 · Information Security

Overview of Android App Hardening and Unpacking Techniques Across Generations

This article provides a comprehensive overview of Android app hardening methods, detailing the evolution from first‑generation dex and so protection to advanced code virtualization, and outlines various unpacking (脱壳) techniques—including memory dump, dynamic debugging, hook‑based and custom ROM approaches—used to bypass these protections.

Android · Dex · Frida
0 likes · 11 min read
Python Programming Learning Circle
Oct 19, 2021 · Backend Development

Reverse Engineering and Automating Danmu Submission on Laifeng Live Platform with Python

This tutorial explains how to analyze the Laifeng live‑stream chat API, extract the required timestamp and signature parameters from JavaScript, and implement a Python script that logs in, generates the encrypted sign, and sends custom danmu messages to a specified room.

API · HTTP · Python
0 likes · 14 min read
Python Programming Learning Circle
Sep 25, 2021 · Information Security

Step-by-Step Guide to Extract and Decrypt PC WeChat Database Using OllyDbg and C++

This tutorial explains how to retrieve the 32‑byte encryption key of the PC version of WeChat by attaching OllyDbg to the WeChat process, locating the password in memory, and then using a custom C++ program built with OpenSSL to decrypt the WeChat SQLite database files.

C++ · Database Decryption · OllyDbg
0 likes · 11 min read