Alexandre Borges

@ale_sp_brazil

23,394 Followers | 113 Following | 699 Media | 7,978 Statuses

Vulnerability Researcher and Exploit Developer

Joined July 2009
Pinned Tweet
@ale_sp_brazil
Alexandre Borges
5 months
To date I've already written 644 pages to help the security community and, hopefully, more articles will be released in the coming months: 9. 8. 7. 6. 5. 4.…
@ale_sp_brazil
Alexandre Borges
4 years
This tweet is for beginners in reversing. A well-known type of malware is a downloader, which fetches a second malicious stage from the Internet. Most of them use WinINet APIs and a possible sequence of API calls is shown on the following pictures. #malware #security #assembly
@ale_sp_brazil
Alexandre Borges
4 years
This tweet is for beginners in reverse engineering. The code in the pictures is a small part of a sequence used for establishing a network connection using Winsock2 APIs. Remember: details can be important. #cybersecurity #assembly #malware #programming #reverseengineering
@ale_sp_brazil
Alexandre Borges
11 months
After taking a necessary break, I returned to writing new articles. To keep myself motivated, little by little I will be producing several articles in parallel: - Exploiting Reversing: article 02 - MAS 08, 09, 10 and 11. - CPP reversing series: article 01 (finally). Next week…
@ale_sp_brazil
Alexandre Borges
2 years
The sixth article in the Malware Analysis Series (MAS) is available: The C2 configuration extractor is slightly less trivial than expected. Thank you @ilfak and @HexRaysSA for supporting and providing me with IDA Pro. #malwareanalysis #malware
@ale_sp_brazil
Alexandre Borges
2 years
The second article of MAS (Malware Analysis Series) is available for reading! The PDF version (96 pages) can be downloaded from: Have an excellent day. #malware #malwareanalysis #reverseengineering #programming #threathunting
@ale_sp_brazil
Alexandre Borges
1 year
The first article in Exploiting Reversing (ER) series is available (109 pages): Thank you @ilfak and @HexRaysSA for supporting me in every project. #reversing #windows #idapro
@ale_sp_brazil
Alexandre Borges
3 years
The first article in the Malware Analysis Series (MAS) is available (36 pages): (link 1): (link 2): Slides and other articles are available on: #malware #reverseengineering #programming #threathunting
@ale_sp_brazil
Alexandre Borges
3 years
Next week I'll release the first post of a long series of articles about malware analysis. The first article will cover a simple malware (Hancitor), which we'll unpack and extract C2 configuration (Python 3, since always) in the "part 1". Details coming soon.... #malware
@ale_sp_brazil
Alexandre Borges
4 years
I've released Malwoverview 4.0.3: Malwoverview gathers information from Malpedia, Alien Vault, Polyswarm, URLHaus, VT, Hybrid Analysis, Malshare and ThreatCrowd. It also checks Android devices for malicious packages. #ThreatHunting #cybersecurity
@ale_sp_brazil
Alexandre Borges
2 years
After a break, the fifth article in the Malware Analysis Series (MAS) is available: (link): Good reading and have an excellent day. #idapro #reverseengineering #reversing #malwareanalysis #malware #windows
@ale_sp_brazil
Alexandre Borges
1 year
The seventh article in the Malware Analysis Series (MAS) is available: Thank you @ilfak and @HexRaysSA for supporting me from the beginning of this project. #malwareanalysis #malware
@ale_sp_brazil
Alexandre Borges
1 year
Interesting project: #exploit #exploitation
@ale_sp_brazil
Alexandre Borges
4 years
In malware analysis, every detail is important. This picture comes from a malicious DLL, whose exported function is called by an executable (not found on VT). You'll find these instructions several times, so it's relevant to understand what's going on. #malware #CyberSecurity
@ale_sp_brazil
Alexandre Borges
5 months
I've just released the second article (85 pages) in Exploiting Reversing (ER) series: link: I'd like to thank @ilfak and @HexRaysSA for your continued support on my articles. Have an excellent day. #reverseengineering #idapro #vulnerability
@ale_sp_brazil
Alexandre Borges
3 years
In malware analysis, the focus is on binaries and their details (C2, persistence, injections/hooking, anti-forensics techniques). On the other hand, maldocs are trivially simple to solve and most of them take 5 minutes or less to collect information. Don't waste time. #malware
@ale_sp_brazil
Alexandre Borges
4 years
While reversing and analyzing malware threats, each piece of information is relevant. The sequence of pictures shows the preparation made by the malware for a later code injection into a specific process. Pay attention to details. #malware #reversing #security #programming
@ale_sp_brazil
Alexandre Borges
2 years
The third article in the Malware Analysis Series (MAS) is available for reading on: Next week I'll release the fourth article. Have an excellent day. #malwareanalysis #reverseengineering #reversing #programming
@ale_sp_brazil
Alexandre Borges
4 years
Malwoverview is able to collect information about a malware from VirusTotal, Hybrid Analysis, URLHaus, Malpedia, Polyswarm, Malshare, Alien Vault, Valhalla and ThreatCrowd. Additionally, it checks packages from Android mobiles. #ThreatHunting #Malware
@ale_sp_brazil
Alexandre Borges
4 years
Finally: Malwoverview 2.0 (in Python 3.x) is available! There's so much news, so it's better to check on the GitHub ;) #malware #threatintelligence #threathunting #security
@ale_sp_brazil
Alexandre Borges
2 years
The fourth article in the Malware Analysis Series (MAS) is available for reading on: Have an excellent day. #malwareanalysis #reverseengineering #reversing #programming #dotnet #csharp
@ale_sp_brazil
Alexandre Borges
2 years
I just started writing the third article of MAS (Malware Analysis Series). I should have released it in early/mid March, but several job projects made it impossible. I hope to release new articles every 45 days from now on. #malwareanalysis
@ale_sp_brazil
Alexandre Borges
3 months
People say everyone should use Rust instead of C/C++ because Rust is memory safe while C/C++ wouldn't be, but that's not true (not even close). The main problem with C/C++ is that many developers do not care about security while programming and do not use various available…
@ale_sp_brazil
Alexandre Borges
2 years
I've been very slowly working on the following in my spare time: 1. MAS 2. C++ reversing series (C++ 20 included) 3. IDA Pro programming series (it could be part of MAS or not). 4. Windows reversing 5. Malwoverview Let's get to work. #malware #reversing #programming #idapro
@ale_sp_brazil
Alexandre Borges
10 months
Malwoverview 5.4.1 has just been released: It works on Windows, Linux and macOS. Once again: even though I am forever away from the malware analysis, I will continue to maintain Malwoverview and write articles on R.E. #threathunting #malware
@ale_sp_brazil
Alexandre Borges
8 months
If you have just started learning reverse engineering and malware analysis, you should pay attention to simple and well-known tricks that still have been used by adversaries when analyzing the resulting assembly code. #idapro #reversing
@ale_sp_brazil
Alexandre Borges
2 years
While reversing code, remember fundamental concepts about thread synchronization. #malware #reversing #threatanalysis
@ale_sp_brazil
Alexandre Borges
4 years
This sequence of pictures shows a reversed code related to a banking Trojan, which uses a simple code injection technique to compromise a banking application. I hope it can help someone. #malware #Trojan #reversing #assembly #programming #cybersecurity #security #cyberthreats
@ale_sp_brazil
Alexandre Borges
1 year
People have asked if I'm going to keep writing articles about reversing. At this time, I'm working on the following articles: - MAS 7 - MAS 8 (different from previous ones) - CPPRS (C++ reversing series) - MASLim (malware analysis on Linux/iOS/macOS) #malware #idapro
@ale_sp_brazil
Alexandre Borges
3 years
During malware analysis, the fundamental steps before starting the real analysis are: unpacking, resolving imports and strings de-obfuscation. Learning programming (C/C++/C# and Python) is always useful. #malware #reversing #programming #idapro #cybersecurity
@ale_sp_brazil
Alexandre Borges
2 years
Remember the foundations on code injection in malware analysis. #malwareanalysis #malware #reversing #assembly
@ale_sp_brazil
Alexandre Borges
4 years
Malwoverview is able to collect information about malware threats from Polyswarm, Malshare, Alien Vault, Valhalla, ThreatCrowd, VirusTotal, Hybrid Analysis, URLHaus and Malpedia. It also checks packages from Android mobiles. #ThreatHunting #Malware
@ale_sp_brazil
Alexandre Borges
2 years
Last week I released the second article of MAS (Malware Analysis Series) and links follow below: (article 1 - 36 pages): (article 2 - 96 pages): I start writing the 3rd one very soon. #malwaranalysis #reversing #malware
@ale_sp_brazil
Alexandre Borges
4 years
Malwoverview 4.0.2 is available: Three methods to install it: 1. pip3.8 install git+ 2. python -m pip install -U malwoverview 3. git clone #malware #ThreatHunting #cybersecurity #cyberthreats
@ale_sp_brazil
Alexandre Borges
2 years
I started writing a new series about C++ reversing (mainly focused on C++ Standard Library --containers, iterators and templates, in general) using short and educational programs. Of course, the reversing task is slightly harder... #reversing #reverseengineering #cpp #idapro
@ale_sp_brazil
Alexandre Borges
3 years
Pieces of thread synchronization code are usually skipped over during malware analysis (time is restricted to C2, persistence, injection/hooking...), but they offer details and rich information on the sample. C programming is always great. #malware #programming #cybersecurity
@ale_sp_brazil
Alexandre Borges
9 months
Remember: debugging Windows kernel with IDA Pro is simpler than you might think. #idapro #reversing #windows
@ale_sp_brazil
Alexandre Borges
4 years
Malwoverview 2.0.7 is online! This version allows installation using pip: $ pip3.7 install malwoverview (Linux) $ python -m pip install malwoverviewwin (Windows) Further information is available on: (GitHub) #malware #dfir #threathunting #security
@ale_sp_brazil
Alexandre Borges
3 years
Basics on malware analysis for beginners: most people only pay attention to the called APIs, but it might be interesting to pay attention to how arguments are constructed. #reversing #malwareanalysis #cybersecurity
@ale_sp_brazil
Alexandre Borges
3 years
While I'm still writing the first article of MAS (Malware Analysis Series), which I'm late on because of health issues in the family and also because I was assigned to two private trainings, I leave a simple article about maldocs: (PDF): #malware
@ale_sp_brazil
Alexandre Borges
5 years
(PDF Slides) My presentation at DEF CON 27 follows... .NET Malware Threat: Internals and Reversing: #dotnet #reversing #malware #security #cyber #programming
@ale_sp_brazil
Alexandre Borges
2 years
As I promised, Malwoverview 5.0.0 is available and includes new features, many changes and fixes: #malware #threathunting
@ale_sp_brazil
Alexandre Borges
3 years
I keep encouraging professionals to learn C/C++/C# programming because it can improve their skills on reversing malware. This quite simple downloader (from my C# course) generates 567 functions (after published it is a native code - 147K) to be analyzed on IDA Pro. #programming
@ale_sp_brazil
Alexandre Borges
1 year
If anyone needs to setup IDA Pro for kernel debugging... #windows #idapro
@ale_sp_brazil
Alexandre Borges
4 years
Once again, a few pictures explaining a short piece of reversed code related to service management follow below for helping beginners in their studies on malware analysis. #malware #ReverseEngineering #security #cybersecurity #programming #Assembly #Windows #cyberthreats
@ale_sp_brazil
Alexandre Borges
3 years
Slides from my talk on BHACK Conference 2021 are available on: #golang #reverseengineering #malwareanalysis
@ale_sp_brazil
Alexandre Borges
5 years
(PDF slides) Mastering NSA's Ghidra Reverse Engineering Tool: #reversing #ghidra
@ale_sp_brazil
Alexandre Borges
1 year
I've been writing the "Malware Analysis and Reverse Engineering" course, which will have 15 sections (planned). The focus will be on providing information and techniques. As my deadline is November, there is still time and details will come later. #malware #reversing
@ale_sp_brazil
Alexandre Borges
4 years
Malwoverview 4.0 is available and includes many options for Alien Vault( @attcyber ), @malpedia , @PolySwarm and ThreatCrowd, joining to existing URLHaus @abuse_ch , @mal_share , @virustotal and @HybridAnalysis options. Malwoverview: #malware #ThreatHunting
@ale_sp_brazil
Alexandre Borges
3 years
Malwoverview 4.3.4 is available: It offers information from VT, HA, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, ThreatCrowd, Valhalla, Malware Bazaar and ThreatFox. It's also able to scan Android devices against VT and HA. #threathunting
@ale_sp_brazil
Alexandre Borges
2 years
Providing basic Windows internals concepts to students before teaching about kernel driver programming. #programming #windows #security
@ale_sp_brazil
Alexandre Borges
2 years
Malware samples, shared by @vxunderground , which are using stolen NVIDIA and long expired certificates. You can easily download them from Malware Bazaar and Triage using Malwoverview: Once again: credits to @vxunderground #malware
@ale_sp_brazil
Alexandre Borges
2 years
While I'm still writing the 2nd article of Malware Analysis Series (MAS), which I'm on page 43 and far from the end, I dropped a short and simple write-up on malicious document to help beginners on threat analysis. #maldoc #threatanalysis
@ale_sp_brazil
Alexandre Borges
3 years
I've been very busy and focused on security research (15 hours a day), so it's almost impossible to publish something on Twitter. Anyway, I'm leaving some pretty basic code involving privileges. My goal is to post one tweet every two weeks :) #malware #idapro #assembly
@ale_sp_brazil
Alexandre Borges
4 years
While analyzing a malware sample, we're usually interested in unpacking the sample, de-obfuscating it, finding C2 communication, code injections and hookings, persistence and so on. Eventually, paying attention to details could help you. #malware #reversing #programming
@ale_sp_brazil
Alexandre Borges
4 years
After many years, malware continues using simple virtual machine detection such as temperature checking in different languages such as C++, PowerShell, and so on... I've quickly written a short and bare code in .NET C# to show the trivial technique. #malware #programming #dotnet
@ale_sp_brazil
Alexandre Borges
3 years
Malware communicates through a C2 using network API sets such as WinSock2, WinINet, COM interface (CoCreateInstance( ), CoInitialize( ), ...), WinSock Kernel and NDIS library. Learning details could help you. This example is about WinINet APIs. #malware #reversing #assembly
@ale_sp_brazil
Alexandre Borges
8 months
Although I have permanently transitioned to vulnerability research, I have plans to release new versions of Malwoverview and continue maintaining it after I finish writing the five pending articles: There've been 91K downloads so far. #threathunting
@ale_sp_brazil
Alexandre Borges
2 years
I've been writing C, C++, Rust and Kernel Drivers courses, and it's always great to teach programming to other security researchers. Nobody needs to be a programmer before working with reverse engineering and OS internals, but these skills could help you. #programming
@ale_sp_brazil
Alexandre Borges
3 years
A couple of years ago I lectured about .NET reversing (".Net Malware Threat: Internals And Reversing") and, just in case you need some help on the subject, so slides follow: #malware #dotnet #reversing #programming #cybersecurity
@ale_sp_brazil
Alexandre Borges
3 years
Are you learning reversing and malware analysis? Sometimes details matter... ;) #malwareanalysis #reverseengineering
@ale_sp_brazil
Alexandre Borges
4 years
I've commented another slide of my SANS 2020 presentation. Although concepts are very simple, I hope it can encourage new professionals to follow the reverse engineering career. By the way, my slides follow: #malware #programming #reversing #security
@ale_sp_brazil
Alexandre Borges
5 years
People have requested the slides from my talk at DEF CON China 2019: MODERN MALWARE - OBFUSCATION AND EMULATION; There are a few slides about DTrace on Windows. ;) #defcon #defconchina #hacking #malware #obfuscation #windows #reversing
@ale_sp_brazil
Alexandre Borges
2 months
People ask why I haven't spoken at conferences in the last four years. In fact, my decision was made in 2022 for several reasons: 1. Due to the nature of my work (Windows/Hypervisors/Browsers exploitation), I cannot comment or present anything (and it isn't recommended). 2. The…
@ale_sp_brazil
Alexandre Borges
2 years
I am not completely sure whether I will keep it as second or third article (I'm also writing an article on native binaries including COM reversing), but I already started writing the second and third articles of the MAS (Malware Analysis Series). #malwareanalysis
@ale_sp_brazil
Alexandre Borges
3 years
Slide deck from my very simple presentation on SANS event (2020) follows below just in case it helps someone: #reversing #programming #malware
@ale_sp_brazil
Alexandre Borges
6 years
Slides from my talk at DEFCON 26: RING 0/-2 ROOTKITS : COMPROMISING DEFENSES -- Thank you @defcon for everything! I had an outstanding week. #malware #reverseengineering #DEFCON26 #defcon
@ale_sp_brazil
Alexandre Borges
4 years
Chromium IPC Sniffer: This utility helps you explore what Chrome processes are saying to each other under the hood in real-time, using Wireshark. #chrome #ipc #cybersecurity
@ale_sp_brazil
Alexandre Borges
10 months
(excellent work) NtDoc: Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers. #nativeapis #windows #programming #exploitation
@ale_sp_brazil
Alexandre Borges
4 years
People have asked me to comment on the call stack manipulation slide from my presentation for SANS, so I wrote a few words explaining each line of the assembly code. I hope it helps. #security #reversing #assembly #programming #cybersecurity
@ale_sp_brazil
Alexandre Borges
3 years
I started writing a long and detailed first training on rootkits analysis (including programming, of course), which will be produced slowly, but one of its slides follows below. Everything is important: concepts, programming, tools and analysis. #malware #programming #rootkits
@ale_sp_brazil
Alexandre Borges
19 days
If you intend to exploit browsers (v8/chrome), don't forget to read all source files, which contain tons of rich information, and as an example we have Maps (they hold object's type, size, element/properties' location...), where similar objects (same memory layout) are…
@ale_sp_brazil
Alexandre Borges
3 years
Maldocs are the main vector of malware infection these days (about 70%). Understanding them is not usually difficult (certainly, dozens of times easier than any malicious binary), but it's so important to learn how to do it. #malware #maldocs #cyberthreats #cybersecurity
@ale_sp_brazil
Alexandre Borges
2 years
After taking a 30-day break from writing articles due to work tasks and changes in my career, I'm slowly picking up and opening another two series: C++ Reversing and iOS/macOS/Android malware analysis. I hope to be able to release something in the next 60 days. #malware #idapro
@ale_sp_brazil
Alexandre Borges
11 months
Before releasing new articles on reverse engineering, I had promised an introductory and short article about Malwoverview and Tines ( @tines_io ) to help professionals to use them, so here it is: Next articles will be about reverse engineering and…
@ale_sp_brazil
Alexandre Borges
1 year
(interesting) WinDiff is an open-source web-based tool which allows browsing and comparing symbol and type information of MS Windows binaries across different versions of the OS. WinDiff: Github repository: #windows #kernel
@ale_sp_brazil
Alexandre Borges
4 years
Malwoverview 3.0.0 is available! This version includes information gathering by IP from VT and Polyswarm, Yara information from Malshare, searching for URL and payload by tag from URLHaus and searching for domain/URL from Polyswarm. #ThreatHunting
@ale_sp_brazil
Alexandre Borges
3 years
Attack Surface Analyzer is a Microsoft developed open source security tool that analyzes the attack surface of a target system and reports on potential security vulnerabilities introduced during the installation of software or system misconfiguration:
@ale_sp_brazil
Alexandre Borges
3 years
I've just published "MAS" Article 1 -- version 1.1. As I'd simplified the original script on page 30, I left (by mistake) two dead lines there (now both removed). The new version (A.1) of the PDF (and next updates) will be published here: #malware
@ale_sp_brazil
Alexandre Borges
2 years
I hope to be releasing the new version of Malwoverview in the next few days, including new features and most importantly, dozens of fixes and changes. #threathunting #malware
@ale_sp_brazil
Alexandre Borges
3 years
We usually overlook several important instructions during analysis because the common targets are C2, injection methods, persistence, exploits and anti-forensics, but if you pay attention to details, you'll note details that might be relevant for an investigation. #malware
@ale_sp_brazil
Alexandre Borges
1 month
I have been slowly writing the next articles: 1. MAS 08: Introduction to MacOS malware analysis. 2. ER 03: macOS/iOS (part 01) 3. MAS 09: Shellcode Analysis 4. ER 04: Browsers or Hypervisors (part 01) 5. RE 05: Hypervisors or Browsers (part 01) MAS 09 will be the last article…
@ale_sp_brazil
Alexandre Borges
2 years
Malwoverview 5.0.2 is available: If you haven't tested it yet, Android malware samples and third-party apps on Android mobile devices (no rooting required) can be scanned on VirusTotal. #ThreatHunting #malware
@ale_sp_brazil
Alexandre Borges
5 years
For a very particular reason, I needed to compile the WinAFL fuzzer, though the project offers binary versions for x86 and x64, and I've noticed why many people have problems to do it on their own. Thus, I've made a short procedure to do it: #fuzzing
@ale_sp_brazil
Alexandre Borges
2 years
I've been busy for the last few weeks, but here's a basic tip on how to set up IDA Pro + WinDbg. Most of the time, I use windbgx + TTD for vulnerability research, but in some situations having IDA Pro + WinDbg integrated is a time saver. #idapro #windbg #windbgx #cybersecurity
@ale_sp_brazil
Alexandre Borges
2 years
The offline version of MSDN has always helped me a lot during C/C++/C#/kernel driver programming, Windows reversing and malware analysis tasks. #programming #reversing #windows #malwareanalysis
@ale_sp_brazil
Alexandre Borges
4 years
Have you got interested in installing the CFPsec script to check Call for Papers and Upcoming Conferences? I've made the installation easier: pip install cfpsec You won't miss Call For Papers anymore ;) #conferences #security
@ale_sp_brazil
Alexandre Borges
1 year
Malwoverview 5.2 has been released: To update it: python -m pip install -U malwoverview It runs on Windows, Linux and macOS. Check the GitHub's page. #ThreatHunting #malware #threatinformation #cybersecurity #blueteam
@ale_sp_brazil
Alexandre Borges
6 months
A few months ago I delivered my last article: . I will continue writing articles from my previous area and hopefully I will be releasing new ones in about six weeks, even if it's hard to find time to draft new texts. Let's see. #reversing #drivers
@ale_sp_brazil
Alexandre Borges
3 years
From a new course that I'm writing.... #reversing #devicedrivers
@ale_sp_brazil
Alexandre Borges
28 days
In any vulnerability research procedure: 1. Collect information about the target. 2. Do a good reverse engineering. 3. Try to understand everything about how the target works. 4. List and track possible interactions and privilege rights. 5. Debug it! Ever! #vulnerability
@ale_sp_brazil
Alexandre Borges
4 years
Malwoverview 4.1 is available! This version includes VALHALLA service from @thor_scanner . Malwoverview offers information from Malpedia, Alien Vault, VT, Hybrid-Analysis, URLHaus, Malshare, ThreatCrowd, Polyswarm and Valhalla. #ThreatHunting #malware
@ale_sp_brazil
Alexandre Borges
3 years
During simple reversing tasks, good details can emerge when you look closely ... #reversing #programming #security
@ale_sp_brazil
Alexandre Borges
2 months
Windows 11 has a simple and useful sandbox feature, great for creating disposable virtual machines, where you can run and analyze binaries for vulnerability research and malware analysis. Apparently, it's still a little-known feature. #windows #sandbox
@ale_sp_brazil
Alexandre Borges
1 month
For people asking me if I will publish a new version of Malwoverview, the answer is YES, and more details will be released in the coming weeks. Even if I am forever away from malware analysis, I will maintain the project. #malware #threathunting