Speculating the entire x86-64 Instruction Set In Seconds with This One Weird Trick

https://blog.can.ac/2021/03/22/speculating-x86-64-isa-with-one-weird-trick

Modern Obfuscation Techniques

https://is.muni.cz/th/v1f9y/Modern_obfuscation_techniques.pdf

@reverseengine

Abusing native Windows functions for shellcode execution

http://ropgadget.com/posts/abusing_win_functions.html

A Deep Dive Into Malicious Direct Syscall Detection

https://www.paloaltonetworks.com/blog/security-operations/a-deep-dive-into-malicious-direct-syscall-detection

x64dbg plugin for simple spoofing of CPUID instruction behavior

https://github.com/jonatan1024/CpuidSpoofer

fpicker: Fuzzing with Frida

https://insinuator.net/2021/03/fpicker-fuzzing-with-frida

https://github.com/ttdennis/fpicker

Finally, PageDOut No. 8 is out

https://pagedout.institute/?page=issues.php

Bypassing Frida: Advance Frida Detection Bypass

https://medium.com/@haxymad/bypassing-frida-advanced-frida-detection-bypass-part-1-cc7c1dfbad9d


https://medium.com/@haxymad/bypassing-frida-advanced-frida-detection-bypass-part-2-e3466a141a4c


https://medium.com/system-weakness/bypassing-frida-advanced-frida-detection-bypass-part-3-339aa1202c48


https://medium.com/system-weakness/bypassing-frida-advanced-frida-detection-bypass-part-4-c258e8f5aa64

VM Detection Tricks, Part 1: Physical memory resource maps

In this series we’ll document a novel and as-yet-undocumented Virtual Machine detection trick for each month of 2021. These detection tricks will be focused on 64-bit Windows 10 or Windows Server 2019 guests, targeting a variety of VM platforms.

https://labs.nettitude.com/blog/vm-detection-tricks-part-1-physical-memory-resource-maps

Decompilation Debugging

https://clearbluejar.github.io/posts/decompilation-debugging-pretending-all-binaries-come-with-source-code