PinTools

This repository is an example and proof-of-concept PoC for dynamic binary analysis using the Pin tool. The code is designed to detect the classical use-after-free vulnerability. The Pin tool is a dynamic binary instrumentation framework that allows developers to analyze and modify the behavior of...

A week in security (Nov 15 – Nov 21)

Last week on Malwarebytes Labs Instagram’s memorialize feature abused to memorialize…Instagram’s boss Evasive manoeuvres: HTML smuggling explained FBI server hijacked to send up to 100,000 bogus attack mails New Mac malware raises more questions about Apple’s security patching SharkBot Android...

Malwarebytes CrackMe – contest summary

On October 29 we published our third CrackMe Challenge and announced two parallel tracks for the contest: "The fastest solve" , and "The best write-up". In the first category "The fastest solve" , we got three winners already the first weekend following publication. Big congratulations to: @nazyw...

The return of the Malwarebytes CrackMe

This blog post was authored by Hasherezade Update: Malwarebytes Crackme : we already have the winners in the category "the fastest solve", congratulations! 1st: @nazywam 2nd: Suvaditya Sur @x0r19x91 3rd:@evandrix But we are still waiting for your submissions! -- Malwarebytes Threat Intelligence...

Angrgdb - Use Angr Inside GDB - Create An Angr State From The Current Debugger State

Use angr inside GDB. Create an angr state from the current debugger state. Install pip install angrgdb echo "python import angrgdb.commands" /.gdbinit Usage angrgdb implements the angrdbg API in GDB. You can use it in scripts like this: from angrgdb import gdb.execute"b 0x004005f9" gdb.execute"r...

A week in security (May 21 – May 27)

Last week we told you about a Mac cryptominer using XMRig, an overview of Dreamcast related scams, part 1 of decoding Emotet, and what to do about bad coding habits that die hard. We also published the results of our second CrackMe contest. Other news How a pioneer of machine learning became one ...

Malwarebytes CrackMe 2: contest summary

About three weeks ago, we published our second CrackMe. It triggered a lot of interest, and we got many high-quality write-ups. Choosing the winner was really difficult! In this post, I am going to summarize the contest and comment on the received submissions. CrackMe 2 challenge The topic of the...

A week in security (April 23 – April 29)

Last week, we dug into behavioral biometrics, explored a new crossrider variant, and embraced the power of "no." We also launched another CrackMe challenge, took a deep dive into smart toys, and finished up with a look at digital privacy in the age of IoT. Other news LinkedIn does battle with...

Malwarebytes CrackMe 2: try another challenge

Last November, we released the first edition of the Malwarebytes CrackMe. Encouraged by the positive response we received from the security community, we decided to repeat the game, hopefully making it even more interesting and entertaining. As before, the CrackMe is dedicated to malware analysts...

How to solve the Malwarebytes CrackMe: a step-by-step tutorial

The topic of this post is a Malwarebytes CrackMe—an exercise in malware analysis that I recently created. First, the challenge was created to serve internal purposes, but then it was released to the community on Twitter and triggered a lot of positive response. Thanks to all of you who sent in yo...