Rudra Ponkshe in blog.realrudrap.dev · 2d ago · 16 min read
The Media Player that wasn't
Continuing from the first part of the series, where I left off with the DEX file from r_4dfb.bin, it claimed to be a media player. Spoiler alert, it wasn't, and it never was Cracking the container He

Rudra Ponkshe in blog.realrudrap.dev · 4d ago · 15 min read
The Spam SMS that turned into a rabbit hole
⚠ WARNING: If you received an SMS claiming your vehicle has an outstanding RTO challan with a link which downloads an .apk file, do not open it. This is an active malware campaign as of June 2026 imper

Asad Mehmood in asad0x7.hashnode.dev · Jun 16 · 7 min read
Part 1: x86 Architecture for Exploit Developers — Program Memory, the Stack, and CPU Registers
TL;DR — A 32-bit Windows process lives in 0x00000000–0x7FFFFFFF. The stack is a per-thread LIFO area (PUSH/POP) holding arguments, locals, and return addresses, bundled per call into a stack frame (pr

Neville Iregi in m0ng00s3-blog.hashnode.dev · Jun 13 · 11 min read
Solving a simple Crackme
Introduction Solving crackmes (or cracking challenges) can be a valuable part of learning and practising C programming, especially when developing skills for a career in cybersecurity. Crackmes, short

Rebika Parajuli in pico-ctf.hashnode.dev · Jun 12 · 3 min read
keygenme-py | CyLab Security Academy (PicoCTF)
keygenme-py is a Medium-level CTF challenge in the reverse engineering domain. A Python script with no instructions is present in this challenge. A file named keygenme-trial.py is provided. Upon downl

Jeff Tong in wind010.hashnode.dev · Jun 10 · 6 min read
Malicious Github Repository Analysis
Discovery I was doing some research on CVE-2026-41940 after catching up on the Security Now podcast and looked for a PoC to better understand the vulnerability. That's when a simple Google search

Sandheep S in hiddenarchitectures.hashnode.dev · Jun 10 · 6 min read
The Day Finding the API Wasn't the Solution
When I first opened the Chinese portal, I expected a fairly standard workflow. Most government portals follow a familiar pattern: Search ↓ API Request ↓ Results ↓ Detail API Find the search API. Find

Ravidu Priyankara in ravindu-priyankara.hashnode.dev · Jun 8 · 18 min read
The Case of the Disappearing eBPF Instruction: Inside Map FD Relocation and BPF_LD_IMM64
While reading the disassembly of a compiled eBPF program I was working on, I noticed something strange — the 6th instruction was missing. Reading through the full disassembly again, I realized it wasn

Nigmaz in bluecyber.hashnode.dev · May 26 · 35 min read
MUSTANG PANDA x PLUGX - Analysis of the January 2026 sample: a multi-layer execution chain
TL;DR. The malware sample uses the three-file set Avk.exe, Avk.dll, and AVKTray.dat, deployed from an MSI file downloaded by Browser_Updater.exe. The execution chain starts with DLL sideloading throug

Khoa Hoàng in blogs.night-wolf.io · May 26 · 20 min read
Firmware Emulation With an Automated Skill Set
Firmware Emulation With an Automated Skill Set tags: firmware, emulation, qemu, reverse-engineering, cybersecurity Khoa Hoang Anh, May 25, 2026 Link repo: https://github.com/9wteam/firmware-emulation-