Malware Reverse Engineer. Instructor & Author. Occasional YouTuber.

Joined November 2007
Anuj Soni retweeted
8 Jan 2025
If you work in #securityengineering or #threathunting, my tip this week is: Don’t sleep on browser extensions or IDE extensions — they’re a stealthy threat 👇 1. Backdoored Browser Extensions: arstechnica.com/security/202… 2. Malicious VSCode Extensions: mdsec.co.uk/2023/08/leveragi…
Apr 29
I trust AI to plan vacations, but analyzing malware and producing a final report? Not so much. If you’re looking for a way to start using AI to support parts of your workflow, watch this: youtu.be/4ok4e0Jvy_4
Anuj Soni retweeted
#BSidesCharm 2026 training spotlight today: Anuj Soni (@asoni) presenting the Sat morning training session "Malware Analysis Fundamentals: A Hands-On Workshop"
Anuj Soni retweeted
One issue with all this LLM reverse engineering hype is a misunderstanding of what RE means. True RE delivers a complete understanding of malware and all its capabilities. Most of these LLM demos I’ve seen are just replicating what malware sandboxes have been doing for a decade.
Jan 13
Modern Windows malware is often obfuscated, and if automation falls short, a debugger could be the fastest way to uncover the underlying code. In my latest video, I use @x64dbg to deobfuscate and dump the payload of a multi-stage Windows malware sample. youtu.be/-lYiKq0t5sc
4 Dec 2025
Want to learn Windows malware analysis but not sure where to start? I organized my beginner videos into the ideal sequence: 1⃣ mindset/approach 2⃣ lab 3⃣ static analysis 4⃣ behavior analysis Every video has links to tools and samples so you can follow along. youtube.com/playlist?list=PL…
28 Apr 2025
Part 3 of my Malicious Shellcode Analysis series is live! 🔥 We kick off static analysis: pull strings, uncover hidden data, and use rule matching to ID malware families. New update to my malware analysis template too. 🎥 Watch: youtu.be/jQFKOXC_MaU
18 Dec 2024
Grateful for the spotlight - thank you @DfirDiva!
18 Dec 2024
Today's Training Tuesday Highlight is @asoni! Want to learn Malware Analysis & Reverse Engineering? Check out his awesome FREE videos with links to the samples included in the descriptions so you can follow along! YouTube Channel: youtube.com/@sonianuj #MalwareAnalysis #IncidentResponse #DFIRDivaTTH
16 Dec 2024
Part 2 of my shellcode analysis series is here! This time, we’re automating shellcode extraction with one of @hasherezade’s incredible open-source tools. 🎥 Watch now: youtu.be/D6Bm5vD78eY
9 Dec 2024
Launching a series on malicious shellcode analysis! In Part 1, I share an approach to manually extract shellcode from multi-stage malware, with help from @x64dbg and @vector35's Binary Ninja. 👉 Watch now: youtu.be/642VUEjMeLw Part 2 will explore automating shellcode extraction (coming soon—subscribe so you don't miss it!).
24 Nov 2024
One of my favorite videos from @_JohnHammond, love the deep dive into a hashing algorithm with Binja and the step-by-step approach to implementing it in Python🔥
Supply chain malware from an infected game mod 🤯😱 Long-form reverse engineering and a WILD ride: Binary Ninja, x64dbg, 010 Editor, PEB walking, reworking API function hashing in Python, DLL search-order hijacking, hooked functions & more. MASSIVE video: jh.live/bvyklJ5Wie0
18 Nov 2024
Super excited to dive into @vector35 training this week!
28 Oct 2024
After far too long, I signed up to sponsor @x64dbg! If you benefit from x64dbg like I do, consider supporting this essential tool: github.com/sponsors/mrexodia…. And if x64dbg isn’t in your toolkit, think about supporting the tools that are. Free tools may be 'free', but they’re costly in time and effort for the developers. Let’s support them so they can keep supporting us!
21 Oct 2024
🚨 @UHC is hiring a Senior Malware Analyst! 🚨 If analyzing malware is your mission, apply now: careers.unitedhealthgroup.co… This is a remote role, but candidates must be located in the U.S. Not for you? Please retweet – this might be the opportunity one of your followers has been waiting for.
Anuj Soni retweeted
🤩 I’m honored to announce that I’ve been nominated for the @SANSInstitute Difference Maker award in the category "Practitioner of the Year"! 🎉 If you’ve liked my work, you can cast your vote here 👇Thanks a lot for your support! 🙏 ❤️ #infosec survey.sans.org/jfe/form/SV_…
Anuj Soni retweeted
capa v7.3 out! Recently we’ve added: - Drakvuf and @vmray sandbox support - web interfaces for results, rules, and homepage - BinExport2 backend that enables aarch64 and Android analysis via Ghidra - …and of course lots of new rules github.com/mandiant/capa/rel…
19 Sep 2024
Huge thanks to @vinopaljiri for his ConfuserEx2 deobfuscation tools—worked flawlessly on a recent sample! 🔥 Check out his detailed walkthrough: youtu.be/y_ma9cLFdmY?si=3O7j… and the tools: github.com/Dump-GUY/Confuser…
15 Sep 2024
Has anyone successfully used the x64dbg HyperHide plugin (github.com/Air14/HyperHide) to bypass anti-debug techniques? I can’t get it going on a Win10 x64 VM (when I start the airhv service it fails the initialization routine). Haven’t tried compiling it from source yet.
16 Sep 2024
Unproductive update: realized I didn't have VT-x enabled in my VM. Updated setting, reinstalled HyperHide, ran services, BSOD :-(.