This video provides an brief introduction to LLVM IR.
We introduce what's the role of LLVM IR in a compilation pipeline, how to produce it, how to navigate through it in VSCode, the structure of an LLVM IR module, some simple optimizations, what is a phi…

Attackers can use WMI malware for just about anything. Execution, persistence, lateral movement… honestly, the list goes on. Fortunately for you, there

In the Linux world, the eBPF technology has been around for years. Its purpose is to allow writing programs that run within the Linux kernel. However, contrary to standard kernel modules, eBPF runs…

Diving into the heart of the Xbox 360 security system: the hypervisor. How does it work? Why is it so secure? Find out the answers to these questions and more as I cover the architecture of the Xbox 360 hypervisor and hardware security features that made…

Complete conference schedule for Out Of The Box - Jakarta

Background Vulnerability Experimentation Arbitrary physical mapping Dynamically finding our mapping base Finding the kernel base A10(X) A11 Non-KTRR devices Virtual kernel read/write Page table panic Brandon Azad’s method PV head table (again) IOSurface kernel…

Contribute to binarly-io/Research_Publications development by creating an account on GitHub.

XINTRA labs TechTonik DFIR Walkthrough

Official x64dbg blog!

This video introduces why rev.ng is a great place to perform binary deobfuscation.
In this video we tackle three obfuscation techniques: 1) code mutation + bogus stack traffic, 2) control-flow flattening and 3) opaque branch conditions.

To try out the demos…

In this blog post we explore using Binary Ninja and emulation to address obfuscation implemented by an open source obfuscator named Garble that is used by red team operators and malware authors to inhibit reverse engineering efforts.

WinDbg is an extensible debugger. Anyone can write a DLL that implements new commands into WinDbg. The video demonstrates creating and implementing a new command.
For more information, see https://trainsec.net.

Full code: https://github.com/zodiacon/you…

CVE-2025–21333 is a Windows vulnerability detected by Microsoft as exploited by threat actors. Microsoft patched the vulnerability on…

In this stream analyze a stealer malware variant with Binary Ninja and x64dbg. We wrote automation to decrypt all strings throughout the binary and looked at dumping resolved APIs automatically.

Learn how to reverse engineer malware: https://training.in…