Animal liberation activist & Reverse Engineer 🌟 Forbes 30 Under 30 •
Maintainer of Cutter and Rizin • Leading Research @ Check Point •
I don't eat animals.
Feb 22, 2021 • 13 tweets • 3 min read
I'm excited to share our research in which we show that a 0-Day attributed to the Chinese APT31 was actually caught by the APT and replicated from Equation Group's 0-Day exploit for the same vulnerability. Here are some of the highlights — A long thread >> research.checkpoint.com/2021/the-story…
In our ongoing project, @EyalItkin and I analyze Windows LPE 0-Day exploits and try to extract unique "fingerprints" that can be used for attribution of past and future exploits. We sat down to analyze CVE-2017-0005, a 0-Day of particular interest >>
Dec 16, 2020 • 5 tweets • 3 min read
The attackers behind the #SUNBURST malware put a lot of effort into trying to avoid detection by analysts and security vendors. Not only this, but they also tried to make sure to stay under the radar of #SolarWinds developers and employees. A thread >>
When brute-forcing the FNV-1a hashes embedded in #SUNBURST, I noticed that some of the cracked strings look like domain names of #SolarWinds internal networks across the globe. If the domain of the infected computer ends with one of these names, the malware would not run >>
Aug 2, 2018 • 17 tweets • 10 min read
radare2 is one of the most famous RE frameworks out there. That said, it has some great features and Easter eggs that very few people know in detail. This is going to be a thread – fasten your seatbelts and get ready for a journey into the less-known features of @radareorg! >>
First things first, some history. The radare2 project was created by @trufae in February of 2006 to provide a free and simple command-line hexadecimal editor. Starting from a one-man show, radare2 has nowadays gathered a huge community and a substantial number of contributors >>