Have you ever wondered what lies behind our security publications? What tricks are used to understand the inner workings of malware faster and more efficiently? If you’ve ever wanted to know the answers to these questions, pull up in a chair and get comfortable; you’re in the right place.... Click to Read More
A Fuzzing Drill Hits the Motherlode Research By: Yoav Alon, Netanel Ben-Simon – December 12, 2018 Introduction The year 2017 was an inflection point in the vulnerability landscape. The number of new vulnerabilities... Click to Read More
In this part we show how to deal with obfuscated Windows API calls in Ngioweb malware using Labeless and x64dbg without reconstructing API-resolving algorithm. If you’re new to all this Labeless stuff, though,... Click to Read More
In this part we show how to decrypt strings present in the module of Boleto malware – without reconstructing the decryption algorithm. If you’re new to all this Labeless stuff though, please refer... Click to Read More
In this part of our Labeless series, we will discuss the theory behind Labeless scripting. If, however, you’re new to all this Labeless stuff, please refer to the previous articles in this series... Click to Read More
In this part we show how to automatically resolve all WinAPI calls in malicious code dump of LockPoS Point-of-Sale malware. Instead of manually reconstructing a corrupted Import Address Table we simply extract a... Click to Read More
In this part we will be guiding you through the installation of Labeless. Post install steps to verify that installation was done correctly are also provided below. Of course, if you’re new to... Click to Read More
Labeless, a plugin for both IDA and popular debuggers, is an invaluable tool in the researcher’s tool kit. In this first part of a four part series, we will be mainly introducing Labeless... Click to Read More
June 7, 2018 (updated December 2018) Required Background: Basic experience with virtual machines, i.e. creating a VM and installing an OS. The most technically involved it gets is setting up a working SSH server... Click to Read More
Check Point Software Blog