🔬 Malware Analysis

🤔 How Do I Spot Malware?

The number of applications installed or present on a device can sometimes be frightening. Not all of them are installed with the user's consent, and some of them might be malicious. How does one spot these pesky little rodents?

🪛 Reverse Engineering

Rabin2

```shell
rabin2 -I [progname]     # main info about the program
rabin2 -z [progname]     # strings from the binary's data section
rabin2 -zz [progname]    # all strings from the binary
rabin2 -zqq [progname]   # strings only, without additional info
rabin2 -x iGoat-Swift    # thin the binary (extract the per-architecture slices of a fat binary)
```

R2 Info

```shell
il                       # libraries in use
ii                       # imports (iiq for a quieter listing)
```

```shell
r2 [progname]            # launch radare2
> s main                 # seek to the main function
> aa                     # analyze all (functions, flags, references)
> v                      # visual panels mode (pseudo-GUI with hex view)
> VV                     # graph mode
> afvn user_input input  # rename local var `input` to `user_input` everywhere it is referenced
# rename a function
> s function_old_name
> afn function_new_name
> c                      # toggle the cursor in visual mode
> afvd                   # print all local variables
> u                      # undo the last seek (go back)
```
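The rabin2 listings above are only useful once someone reads through them. The script below is an added example, not code from the original page or from the radare2 project: it runs a first-pass triage over the string and import listings, flagging imports that warrant a closer look (shell spawning, runtime code loading, anti-debugging) and strings that look like beacon URLs or hidden temp paths. The sample output is constructed for this example and stands in for what `rabin2 -zqq` and `rabin2 -iq` print (assumed here to be one string or import name per line); the indicator lists are triage heuristics chosen for the example, so a hit means "inspect", not "malicious".

```python
import re

# Constructed sample output, standing in for `rabin2 -zqq sample.bin`
# (one string per line) on a fictional binary. Not output from real malware.
SAMPLE_STRINGS = """\
/usr/lib/libSystem.B.dylib
http://update-check.example.invalid/poll
/tmp/.cache_helper
Usage: %s [options]
"""

# Constructed sample output, standing in for `rabin2 -iq sample.bin`
# (one import name per line; Mach-O symbols carry a leading underscore).
SAMPLE_IMPORTS = """\
_system
_dlopen
_NSLog
_ptrace
_CFBundleGetMainBundle
"""

# Imports worth a second look during triage. This is an illustrative list
# chosen for the example, not a definitive catalogue.
SUSPICIOUS_IMPORTS = {
    "system": "spawns a shell command",
    "dlopen": "loads code at runtime",
    "ptrace": "commonly used for anti-debugging",
    "execve": "executes another program",
    "fork": "creates a child process",
}

# String patterns that often deserve attention: remote endpoints and
# dot-prefixed (hidden) files under temporary directories.
STRING_PATTERNS = {
    "url": re.compile(r"https?://[^\s\"']+"),
    "hidden_tmp_path": re.compile(r"/(?:tmp|var/tmp|private/tmp)/\.[^\s]*"),
}


def parse_lines(output):
    """Split tool output into non-empty, stripped lines."""
    return [ln.strip() for ln in output.splitlines() if ln.strip()]


def normalize_import(name):
    """Drop the leading underscore Mach-O symbols carry, e.g. _system -> system."""
    return name.lstrip("_")


def triage_imports(imports_output):
    """Return (import, reason) pairs for imports on the watch list, in file order."""
    hits = []
    for raw in parse_lines(imports_output):
        name = normalize_import(raw)
        if name in SUSPICIOUS_IMPORTS:
            hits.append((name, SUSPICIOUS_IMPORTS[name]))
    return hits


def triage_strings(strings_output):
    """Return (label, string) pairs for strings matching a watch pattern."""
    hits = []
    for s in parse_lines(strings_output):
        for label, pattern in STRING_PATTERNS.items():
            if pattern.search(s):
                hits.append((label, s))
    return hits


def triage(strings_output, imports_output):
    """Combine both passes into one report dict for the analyst."""
    return {
        "imports": triage_imports(imports_output),
        "strings": triage_strings(strings_output),
    }


if __name__ == "__main__":
    report = triage(SAMPLE_STRINGS, SAMPLE_IMPORTS)
    for name, reason in report["imports"]:
        print(f"[import] {name:<10} {reason}")
    for label, value in report["strings"]:
        print(f"[string] {label:<16} {value}")
```

To run it against a real file, replace the two constants with the captured output of `rabin2 -zqq` and `rabin2 -iq` (for example via `subprocess.run`), then read the report alongside `rabin2 -I` before opening the binary in r2 for the manual work described above.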