AboutHello, my name is Attila. I do reverse engineering, like data formats, especially the binary ones, and make notes about them. Also, I'm a casual juggler.
Static Exploration of Binary Data
Overview of HexLasso
Summary of Analyzers
Getting the Most Distinct Parts of the File
Interpreting the Result of Byte Coverage Analysis
Visualizing the Byte Coverage in Hexdump
Creating Annotated Hexdump
Identifying the Characteristics of Bytes
X86 Fragment Analyzer
Five Random Things about Entropy
Automating Hexdump Analysis
Unexpected Results When Analyzing Files in a Windows Installation
Spotting Redundancies in High Entropy Data
A Collection of Utilities for Static Binary Data Analysis
A Collection of Reading Materials for Static Binary Data Analysis
The goal of HexLasso is to provide the description of the layout of the given file that assists in decision making.|
The input file can be known and unknown, textual and binary, from trusted and untrusted sources.
HexLasso is an experimental project.
HexLasso has a blog and a Twitter feed.
Reversing on Windows
Coding, Reversing, and Security Testing
Bug in Notepad Involving Asterisk in Title Bar
Working Around the Inherent Slowness of Debugger Conditional Breakpoints
Delta Encoding ASCII Decimal Strings to Achieve Better Compression Ratio
Pre-processing Printable Unicode Text to Achieve Better Compression Ratio
Recognizing CRC32 Value-block Pairs in Binary Data
Concept Note of a Static Tool for Processing Binary Data of Any Kind
78 Pages of 'Reversing on Windows' for Download
Demo Analysis for Cerber Ransomware
Integration of the ILDasm Tool with the Research Environment
Reversing on Windows is a research blog with varied contents but related to reverse engineering on Windows platform.
The primary tools used in the research include: Visual C and C#, Windbg, Hex editor, Pin as DBI tool.
The blog's heyday was between 2012 and 2014 when 64 posts were published with the focus on vulnerability detection.
The blog has a Twitter feed.
Casual 3-ball juggling