Tools.

Jul 4, 2020

Deobfuscating APT32 Flow Graphs with Cutter and Radare2

Deobfuscating APT32 (Ocean Lotus) control flow graphs using Cutter and radare2. Techniques for removing junk code and simplifying obfuscated binaries.

Dec 23, 2019

5 Ways to patch binaries with Cutter

Five methods for patching binaries using Cutter: NOP instructions, reversing jumps, editing assembly, writing bytes, and applying patches from the hex editor.

Nov 27, 2015

XOR Files With Python

Python script that XORs two files together. Useful for RAID 5 data recovery, binary deobfuscation, and forensic analysis.

Nov 2, 2015

XOR Files With Powershell

PowerShell script that XORs two files together. Useful for RAID 5 data recovery, binary deobfuscation, and forensic analysis.