Every once in a while, I get the urge to go back and revisit older techniques that used to be popular but have fallen out of favor with the offensive community. Things like Office Macros, PowerShell, and custom shellcode loaders used to be incredibly effective but are now deemed “burned” by many industry colleagues I chat with. While there is some truth to this, I am still constantly surprising myself and others on my team with so-called “burned” TTPs that prove themselves effective on operations.
In this post, I want to revisit another old technique I believe is a prime candidate to host malware payloads—Python for Windows. But, before we do, let’s revisit some existing work in this space. Operating Inside the Interpreted: Offensive Python
Notes

Genius is not insanity. Genius is having a clear head with an incredible ability to focus.

I’ve been reversing Black Ops Cold War for a while now, and I’ve finally decided to share my research regarding the user-mode anti-cheat inside the game. It’s not my intention to shame or promote cheating/bypassing of the anti-cheat, so I’ve redacted a few things. Reverse Engineering Call Of Duty Anti-Cheat
Call of Duty: Black Ops 3 is protected by a DRM that, among other things, protects the integrity of the game’s code at runtime. Reverse engineering those integrity checks has been a personal goal I had for a long time. In this post I’m going to describe my process of achieving exactly that, so let’s dive in. Reverse Engineering Integrity Checks in Black Ops 3
The biggest protection against piracy was to make the games not worth playing, let alone worth cracking.
This post is intended for educational purposes only. Denuvo is arguably the most successful digital rights management solution to have ever existed, and is therefore an interest to many. This blog contains a large amount of my personal notes and correspondence with other reverse engineers (see kudos) which contains information about the recent iterations of Denuvo, lots of which I haven’t seen shared publicly before.
Denuvo is an anti-tamper and digital rights management system (DRM). It is primarily used to protect digital media such as video games from piracy and reverse engineering efforts. Unlike traditional DRM systems, Denuvo employs a wide range of unique techniques and checks to confirm the integrity of both the game’s code and licensed user. Denuvo Analysis
She said, “It’s not now or never
Wait ten years, we’ll be together”
I said, “Better late than never
Just don’t make me wait forever”
Don’t make me wait forever.

“My Dinner with Andre” was recommended to me by a friend/visitor of my website, and what a recommendation this was! Beautiful film, every bit as relevant now as when it was first released. Definitely one of the greatest films of all time, it’s that special kind that stimulates your own questioning and thinking. If you like those kinds of movies, you’re in for a treat by watching Mindwalk, 1990, one of my favorite movies ever.
They’ve built their own prison, so they exist in a state of schizophrenia. They’re both guards and prisoners and as a result they no longer have, having been lobotomized, the capacity to leave the prison they’ve made, or to even see it as a prison.
The world we live in is not a world that is kind to the dreamers, David Lynch himself fought tooth and nail to get to where he got and even then he wasn’t free to dream.
Why did nobody notice that Robbie Williams was a monkey the whole time?
Last week I posted an article about how the professional site Stack Overflow renamed the account of Luigi Mangione while keeping all of Luigi’s content under a different name (seemingly in violation of the Creative Commons license). The company has not commented officially. We know at one point my article made it to the front page listing because we have an archived copy. However, it mysteriously dropped off.
[…]
The reason why is a pretty open secret in the industry. It’s a tool frequently employed called shadow banning. Moderators have the option of using this tool whereby the ban isn’t made apparent to the user most likely to complain, in this case the submitter.
What Hacker News did was scrub the article from the front page to deny new exposure, and allow those that have seen it to engage as if nothing happened. They have a history of these kinds of shenanigans. Hacker News where the billionaires hack together your news
You are in a fight against an opponent you can’t see but oh you can feel on your heels can’t you? Feel him breathing down your neck. You know what that is? That’s you. Your fears, your doubts and insecurities, all ganged up like a firing squad ready to shoot you out of the sky. But don’t lose heart, while they are not easily defeated they are far from invincible. Remember, this is the grind, a battle royale between you and your mind, your body and the devil on your shoulders telling you this is just a game, this is just a waste of time, your opponents are stronger than you.
[…]
Luck is the last dying wish of those who wanna believe that winning can happen by accident. Sweat on the other hand is for the ones who know it’s a choice. So decide now, because destiny waits for no man.
So when the time comes and a thousand different voices are trying to tell you: you are not ready for it, listen instead to that lone voice of dissent, one that says you are ready, you are prepared, it’s all up to you, so rise and shine.
Night has always pushed up day
You must know life to see decay
But I won’t rot, I won’t rot
Not this mind and not this heart,
I won’t rot.

I’m fucking tired of getting older and everyone I care about dying.
→ in reply to @note#1737063831
Scratch that, reports are coming out that he isn’t actually confirmed dead, but that he disappeared in a bright flash of light presumably to return to his home planet.

RIP David Lynch, the last talented American. Gutted. A beautiful man in a dispassionate world.
Dark dream world
All alone
Shadows movin’
Shadows have long gone by
Shadows have long gone by
Dark night of the soul.