@MiasmRe profile picture
Miasm @MiasmRe
Joined February 2016
  • Tweets 70
  • Following 5
  • Followers 914
5 Photos and videos
Miasm retweeted
ESET Research
@ESETresearch
28 Mar 2022
While there are several frameworks for #reverseengineering that provide features we needed to see through Wslink’s virtual-machine-based obfuscator, we used @MiasmRe in this project simply because it’s actively maintained and we’re already familiar and satisfied with it. 4/5
1
1
7
Miasm@MiasmRe
2 Dec 2021
Little update: based on the great @NCCGroupInfosec blog post (research.nccgroup.com/2021/1…), we added color support for IR and ASM graph output: Thank you guys !
1
9
34
Miasm retweeted
newsoft@newsoft
27 Nov 2021
Replying to @MiasmRe
@MiasmRe you have a fan :) research.nccgroup.com/2021/1…

Cyber Security Research

Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.

nccgroup.com
2
5
25
Miasm retweeted
Hash Miser@H_Miser
12 Sep 2021
I finally decided to publish my complete toolset written for Tinynuke analysis You'll find config and injects grabber, dll extractors, Ghidra deobfuscation scripts and @cea_sec miasm based scripts github.com/Heat-Miser/tinynu… #Tinynuke #ReverseEngineering #Malware

GitHub - Heat-Miser/tinynuke-toolset: Set of tools to analyze Tinynuke samples

Set of tools to analyze Tinynuke samples. Contribute to Heat-Miser/tinynuke-toolset development by creating an account on GitHub.

github.com
1
24
63
Miasm retweeted
Tim Blazytko
@mr_phrazer
28 May 2021
Giving the workshop on code deobfuscation was great fun. Thanks for your active participation! #HITB2021AMS Check out code, slides and samples here: github.com/mrphrazer/hitb202…
5
56
157
Miasm@MiasmRe
19 May 2021
Congratulation, you both succeeded in: - resolving the challenge - writing a great tutorial on how to add a custom architecture in Miasm & exploit the IR!
Suraj Malhotra@MrT4ntr4
19 May 2021
Writeup for FCSC CTF 2021 - 'VMV' "Defeating Nested Virtualization with @MiasmRe" mrt4ntr4.github.io/FCSC21-CT… I explain how to write a custom architecture in Miasm and then use some pattern detection logic to solve the challenge. This took most of my time, Hope you guys like it!
2
18
Miasm retweeted
Tim Blazytko
@mr_phrazer
15 Mar 2021
If you want to learn more about control-flow graph construction, analysis and loop detection, check out my slide deck. I also wrote a blog post on how these concepts can be easily explored with @MiasmRe. synthesis.to/2021/03/15/cont…

Introduction to Control-flow Graph Analysis

Intro to control-flow graph construction, dominance, and loop analysis, with slides and Miasm code examples.

synthesis.to
1
27
92
Miasm retweeted
Tim Blazytko
@mr_phrazer
22 Nov 2020
A good example of automatic code deobfuscation based on pattern matching is stadeo by @ESET. They use @MiasmRe to automatically remove control flow flattening for the stantinko malware family. github.com/eset/stadeo

GitHub - eset/stadeo: Control-flow-flattening and string deobfuscator

Control-flow-flattening and string deobfuscator. Contribute to eset/stadeo development by creating an account on GitHub.

github.com
1
13
62
Miasm retweeted
Tim Blazytko
@mr_phrazer
2 Sep 2020
Friday, 19:00 GMT 2 at #r2con2020: In a live coding, I will use @r2gui and @MiasmRe to automatically identify and remove opaque predicates in an APT malware sample. Check it out: rada.re/con/2020/youtube

3
11
40
Miasm retweeted
Adrien Guinet@adriengnt
2 Sep 2020
Emulating the NotPetya bootloader with @MiasmRe, an article by @la_F0uin3 and myself, translated from an article originally published in @MISCRedac : aguinet.github.io/blog/2020/… Code available here: github.com/aguinet/miasm-boo…
24
37
Miasm@MiasmRe
9 Jun 2020
I am missing something here; On windows 10 15063: - In kernel32, IsProcessCritical is an export redirected to api-ms-win-core-processthreads-l1-1-2.IsProcessCritical - no ApiSet for this dll - in this dll, IsProcessCritical is... a redirected export to kernel32.IsProcessCritical
1
2
Miasm@MiasmRe
9 Jun 2020
The *real* IsProcessCritical seems to be located in kernelbase.dll. If someone knows the mechanism used in the linker to resolve this, please tell me!
1
Miasm@MiasmRe
1 Apr 2020
The development of the #rust version of Miasm is ongoing 😉 Using PyO3 to expose python bindings compatible with current scripts!
2
15
40
Miasm retweeted
ulexec@ulexec
10 Mar 2020
I wrote a part 1 of a 2 part series of articles portraying my experience with Yuma Kurogome’s comprehensive course on Advance Binary Deobfuscation with @MiasmRe. I introduced some @radareorg aswell :) ulexec.github.io/ulexec.gith…

Home

ulexec's blog

ulexec.github.io
3
78
142
Miasm@MiasmRe
23 Feb 2020
For the first time in Miasm : documentation! github.com/cea-sec/miasm/pul…

Add ir documentation by serpilliere · Pull Request #1142 · cea-sec/miasm

github.com
1
39
104
Miasm retweeted
Willi Ballenthin@williballenthin
13 Jan 2020
Here's what I've learned about disassembling programs using @MiasmRe williballenthin.com/post/202…
32
80
Miasm retweeted
Willi Ballenthin@williballenthin
10 Jan 2020
Here's my first set of notes collected while learning @MiasmRe to do Binary Analysis in Python3. williballenthin.com/post/202…

Learning miasm: Part 1: Loading a PE

williballenthin.com
2
55
126
Miasm@MiasmRe
12 Dec 2019
You can now install Miasm using "pip install miasm" ! See github.com/cea-sec/miasm/rel…

Release v0.1.3 · cea-sec/miasm

0.1.3 - 2019-12-12 Added Miasm can be installed with PIP (https://pypi.org/project/miasm/) Fixed Fixed DSE mem_read

github.com
1
40
111
Load more