<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"><channel><title>zerotistic</title><description>Reverse engineering, pwn, automation and dumb ideas. Vulnerability research, Binary Ninja and CTF writeups.</description><link>https://zerotistic.blog/</link><item><title>Breaking Control Flow Flattening: A Deep Technical Analysis</title><link>https://zerotistic.blog/posts/cff-remover/</link><guid isPermaLink="true">https://zerotistic.blog/posts/cff-remover/</guid><description>How a Binary Ninja plugin automatically defeats control flow flattening — dispatcher detection, state variable recovery with Z3, and CFG reconstruction — and the math that makes it work.</description><pubDate>Sun, 03 Nov 2024 00:00:00 GMT</pubDate></item><item><title>Virtual Machine Based Obfuscation: An Overview</title><link>https://zerotistic.blog/posts/vm-obfu/</link><guid isPermaLink="true">https://zerotistic.blog/posts/vm-obfu/</guid><description>An introduction to VM-based obfuscation — its core components, hardening techniques, and open research directions — with a focus on design philosophy.</description><pubDate>Thu, 05 Sep 2024 00:00:00 GMT</pubDate></item><item><title>Code of the Week — Compilation</title><link>https://zerotistic.blog/posts/code-of-the-week/</link><guid isPermaLink="true">https://zerotistic.blog/posts/code-of-the-week/</guid><description>A running index of my Code of the Week series on Hackcyom, covering lesser-known and logic bugs in code review.</description><pubDate>Thu, 04 Apr 2024 00:00:00 GMT</pubDate></item><item><title>RealWorldCTF 2024: Let&apos;s Party in the House</title><link>https://zerotistic.blog/posts/rwctf-wu/</link><guid isPermaLink="true">https://zerotistic.blog/posts/rwctf-wu/</guid><description>A pwn writeup for the RealWorldCTF 2024 &apos;Let&apos;s party in the house&apos; challenge: exploiting a buffer overflow in libjansson to get RCE on a Synology BC500 camera.</description><pubDate>Tue, 30 Jan 2024 00:00:00 GMT</pubDate></item><item><title>Rediscovering Vulnerabilities with CodeQL MRVA</title><link>https://zerotistic.blog/posts/codeql-mrva/</link><guid isPermaLink="true">https://zerotistic.blog/posts/codeql-mrva/</guid><description>Setting up Multi-Repository Variant Analysis, writing a CodeQL query to find LDAP injection, and scanning a thousand repositories to rediscover a bug in a 24k-star project.</description><pubDate>Mon, 29 Jan 2024 00:00:00 GMT</pubDate></item><item><title>Binary Ninja: How to Reverse with Style</title><link>https://zerotistic.blog/posts/binary-ninja-rump/</link><guid isPermaLink="true">https://zerotistic.blog/posts/binary-ninja-rump/</guid><description>Slides and annotations from a lightning talk given at an HackTheBox meetup in Paris on why Binary Ninja is a solid choice for reverse engineering.</description><pubDate>Tue, 16 Jan 2024 00:00:00 GMT</pubDate></item><item><title>Binary Ninja: Zero to Hero</title><link>https://zerotistic.blog/posts/binary-ninja-zero-to-hero/</link><guid isPermaLink="true">https://zerotistic.blog/posts/binary-ninja-zero-to-hero/</guid><description>A series on Binary Ninja, from the very basics of the UI to writing plugins against its API.</description><pubDate>Wed, 20 Sep 2023 00:00:00 GMT</pubDate></item></channel></rss>