YARA rules, a cybersecurity innovation introduced by VirusTotal in 2013, have emerged as an indispensable tool for classifying malware based on textual or binary patterns. These rules drive a significant portion of the detections seen within security products, hence the importance of understanding their utility and function.
Main Text Tutorial -> 2023-06-28 17:04:21 +0000 UTC
Software Development: SEH and Antidebug
Structured Exception Handling (SEH) and Antidebug mechanisms are vital in software development for ensuring code stability and protection from unauthorized manipulations. Using register flags and exploiting SEH allows detection of debuggers, an action made simpler with C/C++ combined with inline assembly.
Read the full articl...
2023-06-27 18:49:04 +0000 UTC
DESOLATE
K382A-9CD53-0AMT5
Niche - a genetics survival game
R4LKV-J4XZ2-5T7Y2
2023-06-23 20:47:29 +0000 UTC
This unique strategy can be utilized for a vast majority of 3D games, making it a universal trick in your gaming toolbox. If you're keen on exploring the depths of this game hacking technique, dive into this introductory tutorial.
Prepping Up
Prior to pl...
2023-06-21 18:24:24 +0000 UTC
Unreal Engine's UKismetStringLibrary offers an array of functions for manipulating FString objects. FString is an internal data type used to store wide-char characters as arrays. Unlike C++ strings, FString length encompasses the null terminator, effectively increasing the string length by one. This functionality is particularly relevant in reverse engineering. An example FString "Hello" has a ...
2023-06-18 18:49:42 +0000 UTC
Tropico 5 Steam Key GLOBAL
RQJY0-K3PQN-CKGG5
Hacknet Steam Key GLOBAL
JNX70-L800D-CHMGY
2023-06-16 22:13:32 +0000 UTC
How to Reverse Go Binaries
Increasingly popular for malware
GoLang vs C binaries: size matters
Detect GoLang via string inspection
Stripped binaries? Recover info with scripts
GoLang scripts for IDA Pro and Ghidra
In the realm o...
2023-06-14 21:19:22 +0000 UTC
How To Bypass Debug Flag Detection
Continuing our Anti-Debug Series
PEB->NtGlobalFlag
PEB->BeingDebugged
GetProcessHeap->Flags
Overwrite the flags to bypass
Debug Flags, integral component...
2023-06-13 18:04:20 +0000 UTC
Baldur's Gate II: Enhanced Edition
L8FR3-6WJRR-RZNJH
Crazy guy
Z6VPQ-5W43X-C42J4
2023-06-12 03:12:31 +0000 UTC
Spawning objects in Unreal Engine 4
UGameplayStatics: Key for object spawn.
Dive into Unreal Engine BFL utilities.
GameplayStatics: a modder's best friend.
BlueprintFunctionLibrary: a must-read.
...
2023-06-09 18:53:22 +0000 UTC
The article provides a comprehensive guide on modifying environment variables in Windows using C++ and the Windows API. It introduces readers to the concept of the Windows Registry and its structure, including Keys, SubKeys, and Values. The article then delves into ...
2023-06-08 19:49:02 +0000 UTC
Return address spoofing: changing game dynamics
Alters program control flow, disrupts intended behavior
Execution mechanism overwritten via exploits like buffer overflow
Not an easy game: modern OS and software employ safeguards
...
2023-06-07 17:53:32 +0000 UTC
This article will teach you what Windows environment variables are, how environment variables are stored on Windows, which Windows API functions help you manipulate them, how to use these Windows API functions, and more.
The W...
2023-06-06 22:29:14 +0000 UTC
To find interesting malware I sometimes scroll through the public reports of the Triage sandbox website where different users will execute their malware. I stumbled across the malware for this video as it had a high score but no family detected which means that the employees at Tria...
2023-06-04 17:58:14 +0000 UTC
Prison Architect
5GDJ0-L6GQB-Q6QCY
Hacknet
90RZP-HVYZJ-N5KHG
Nuclear Fighter
WY2H7-ZLQJ4-ZEQRH
2023-06-04 17:42:57 +0000 UTC
Welcome to our comprehensive walkthrough on creating a super speed hack for the mountainous world of Sekiro! We'll be delving deep into the mechanics of manipulating distances and velocities to achieve an exhilarating speed boost. Using Cheat Engine, you can adjust your character's movement speed to swiftly navigate through the game. By correctly identifying the relevant memory addresses, you c...
2023-05-31 17:33:47 +0000 UTC
Homefront
L2DNE-N6YZ4-TJIFK
Tales of Berseria
HV84P-W5MDB-V0LTY
2023-05-29 20:05:09 +0000 UTC
IMGUI Menu Tutorial
Welcome to this comprehensive imgui tutorial focusing on C++ IMGUI menus. The primary target audience here is reverse engineers like us, who develop imgui cheat menus. Our mission today is to discuss several essential aspects, including images, fonts, icon...
2023-05-21 15:23:06 +0000 UTC
Road Redemption
2I44W-L4XQN-ZEGTQ
Red points
YLRMN-768CP-LIEDM
2023-05-20 19:25:40 +0000 UTC
Cheat Engine's Ultimap is a powerful tool that can help you understand more about a game's internal operations, particularly when it comes to the execution flow of the game's code. This is a valuable resource when you're reverse engineering games, as it can give you in...
2023-05-17 20:02:42 +0000 UTC
Command and control web panels are an incredibly important part of malware and malware analysis. These web panels are where the threat actors will take control of their victims and task their malware. Commonly these web panels are written in PHP but over the years have been changing into different languages. They are usually hosted on port 443 or 80 on a webserver where the gate for the malware...
2023-05-14 15:22:02 +0000 UTC
Metro 2033 Redux
2I44W-L4XQN-ZEGTQ
Bouncing traveler
WP805-PBTYZ-K94IE
2023-05-14 02:55:58 +0000 UTC
github.com
facebook.com
instagram.com
reddit.com
...
2023-05-12 23:49:22 +0000 UTC
Unreal Engine Blueprint Function Library, or BFL, is a set of UClasses mostly comprised of static functions that provide utility functionality that is not bound to any particular gameplay object. In this tutorial we present a simple introduction to BFL and how we ...
2023-05-12 20:24:35 +0000 UTC
Welcome to the world of virtual memory, a key concept in computer science that allows your operating system to create the illusion of having more memory than physically available. Let's embark on this journey to understand what exactly virtual memory is, how it wor...
2023-05-11 18:43:12 +0000 UTC
Scratching your head over how to snag the Direct3D9 Device Pointer? Typically, when the goal is to render in DirectX 9 via our cheat, our eyes are set on tracking down a pointer leading to the DirectX device. Having that D3D9 device pointer in our possession, we can set a hook on EndScene and kickstart the rendering capabilities. In this write-up, we'll dive into a nifty trick to grab hold of t...
2023-05-10 19:40:29 +0000 UTC
Fallout 3
D9CDL-KJJDB-PP5BC
Station 99
XLT7X-ICDK6-9JQKM
2023-05-09 22:28:16 +0000 UTC
Have you ever wondered why a program does not start when you run it in a debugger? In this article we'll look briefly at the Windows heap, low fragmentation heap policy, and how we can apply this to an anti-debug technique called LFH antidebug. Additionally, we will see how you can bypass this trick in order to prevent this detection.
2023-05-09 21:45:15 +0000 UTC
In the previous articles you've learned how to write code in Java, and how to call native code from your Java applications. In this article we're going to put all of the pieces together and write a fully functional external hack in Java! We're going to start by implementing basic external hack scaffolding, and finish with a simple Assault Cube demonstration you can download, read, and modify.
2023-05-08 20:32:50 +0000 UTC
In this walkthrough, we will analyze a North Korean malware campaign targeting individuals in South Korea. This coverage was inspired by a blog recently releas...
2023-05-07 16:37:15 +0000 UTC