TL;DR Cool stuff and great contribution, but tarnished by some omissions that make it seem to have a bigger impact and general applicability than it really has, imho.
A thread 🧵
First things first. I don't consider myself an expert, but I'm quite familiar with academic literature regarding MBA (de)obfuscation. This paper constitutes great research, provides a novel proof and offers promising results.
Dec 1, 2020 • 19 tweets • 13 min read
🔥 #AdventOfReversing 1/24 🔥
Get dirty as soon as possible. Don't fall into thinking you are not ready. Sure, you will be confused by many things at first. That's fine! I used to confuse sections and segments when I started. Keep pushing, and things will become clear naturally.
🔥 #AdventOfReversing 2/24 🔥
Get used to (re)naming *everything* in your disassembler. You might be able to mentally track data across registers and memory for small crackmes w/ easy control flow, but this does not scale at all. Unclutter your mind. Make your life easier.
Jul 24, 2020 • 5 tweets • 3 min read
📢 Just published my Maths & CS BSc thesis:
📄"Code deobfuscation by program synthesis-aided simplification of Mixed Boolean-Arithmetic expressions".
Serves as an intro/review to:
- Code (de)obfuscation
- MBA expressions
- Program synthesis