Erwan Grelet

GrapheneOS bails on OVHcloud over France's privacy stance Project cites fears of state access as cloud sovereignty row deepens French cloud outfit OVHcloud took another hit this week after GrapheneOS, a mobile operating system, said it was ditching the company's servers over concerns about France's approach to digital privacy.…

GrapheneOS bails on OVHcloud over France's privacy stance

Binary Ninja 5.2, Io, is live and it's out of this world! binary.ninja/2025/11/13/b...

With some of our most requested features of all time including bitfield support, containers, hexagon, Ghidra import, and a huge upgrade to TTD capabilities, plus a ton more, make sure to check out the changelog!

A screenshot of DiaSymbolView inspecting combase.pdb

I wanted to understand what information is available in .pdb files, so I made a tool for it 🔎🐛

Welcome DiaSymbolView - a debug symbol hierarchy and properties viewer based on MSDIA: github.com/diversenok/D...

Defeating KASLR by Doing Nothing at All Posted by Seth Jenkins, Project Zero Introduction I've recently been researching Pixel kernel exploitation and as part of this research I ...

New Blog Post: Seth Jenkins broke kASLR by doing … nothing 😩

googleprojectzero.blogspot.com/2025/11/defe...

WORKSHOP: Reversing a (not-so-) Simple Rust Loader // Cindy Xiao Rust can be challenging for even experienced reverse engineers. We will reverse a simple Rust malware loader found in the wild with obfuscated strings and a decoy payload, making it a good example for...

Thank you for your interest in Decoder Loop & #rustlang reverse engineering training so far!

This Friday, November 7th, join us at Ringzer0 COUNTERMEASURE, in Ottawa, Canada, where @cxiao.net will present the workshop "Reversing a (not-so-) Simple Rust Loader": ringzer0.training/countermeasu...

Must-read for fuzzing folks (read: tooling/algorithms/academia) by Addison Crump
addisoncrump.info/research/wha...

Future Architecture Technologies - POE2 and vMTE This blog post introduces two future technologies, Permission Overlay Extension version 2 (POE2) and Virtual Tagging Extension (vMTE).

POE2: community.arm.com/arm-communit...

if u want a high quality curated source of news relevant to defenders, LOOK AT THIS SITE

Impressive reverse engineering kung fu against widevine L3 by Felipe (x.com/_localo_) ! #hacklu
Cc @mrphrazer.bsky.social

U.S. government accuses former L3Harris cyber boss of stealing trade secrets | TechCrunch The U.S. Department of Justice accused Peter Williams, former general manager of L3Harris’ hacking division Trenchant, of stealing trade secrets and selling them to a buyer in Russia.

NEW: The U.S. govt accused Peter Williams, ex general manager of hacking tool maker L3Harris Trenchant, of stealing trade secrets and selling them to buyer in Russia.

As we reported earlier, Trenchant investigated a leak of internal tools this year. It's unclear if that investigation is related.

Exclusive: Apple alerts exploit developer that his iPhone was targeted with government spyware A developer at Trenchant, a leading Western spyware and zero-day maker, was suspected of leaking company tools and fired. Weeks later, Apple notified him that his personal iPhone was targeted with spy...

SCOOP: A man who worked on developing hacking and surveillance tools for defense contractor L3Harris Trenchant was notified by Apple that his iPhone was targeted with mercenary spyware.

The developer believes he was targeted after he was wrongly accused of leaking zero-days developed by Trenchant.

Reverse Engineering Denuvo in Hogwarts Legacy Talk at Navaja Negra 2025 This technical presentation explores the inner workings of Denuvo Anti-Tamper, one of the gaming industry’s most widely deployed DRM solutions. Through detailed reverse engin...

I held a talk about reverse engineering and bypassing Denuvo in Hogwarts Legacy at Navaja Negra

The recording and the slides are now online :D

momo5502.com/posts/2025-1...

BGGP6 flyer, a collage featuring old media formats arranged over a backdrop of a golf course

Binary Golf Grand Prix 6 begins now!

#BGGP6 theme: "Recycle"

Challenge Announcement: binary.golf/6

Decoder Loop | Reverse Engineering Training Decoder Loop | Reverse Engineering Training

🦀 I am starting a training firm, @decoderloop.com, focused on providing Rust Reverse Engineering training! decoderloop.com

We hope to come to a conference near you next year. Stay notified on training dates: Follow us at @decoderloop.com, or join our mailing list: decoderloop.com/contact/#tra...

YouTube video by Recon Conference Recon 2025 - Breaking Mixed Boolean-Arithmetic Obfuscation in Real-World Applications

The recording of our (CC @nicolo.dev ) talk "Breaking Mixed Boolean-Arithmetic Obfuscation in Real-World Applications" at @reconmtl.bsky.social is now online!

Recording: www.youtube.com/watch?v=QxSG...

Slides: synthesis.to/presentation...

#BinaryNinja Plugin: github.com/mrphrazer/ob...

The new version of my #BinaryNinja plugin Obfuscation Analysis (v1.2) adds recursive function inlining in the decompiler.

It collapses call-heavy code into a single function; analysis, constant propagation, DCE and other analyses work across boundaries.

github.com/mrphrazer/ob...

RE//verse 2026 CFP is open! Got research? Prove it: sessionize.com/reverse-2026

It turns out this analysis was incorrect, and someone pointed it out to me. I've redone the analysis, and it's now much improved. For Part 2, where I cover the true cause of the crash, please take a look here: medium.com/@Debugger/un...

Close your eyes and ✨imagine:

From a low-integrity process (from LPAC even), you can inject your data anywhere you want:
privileged tasks, PPL/protected processes, the OS kernel itself, and VTL1 trustlets.

Now open your eyes. It is not hypothetical.
It is the reality. Read it on page 33.

#FTSCon Speaker Spotlight: Aleksandra Doniec (@hasherezade.bsky.social) is presenting “Uncovering Malware's Secrets with TinyTracer” in the MAKER track.

See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...

We are alarmed by reports that Germany is on the verge of a catastrophic about-face, reversing its longstanding and principled opposition to the EU’s Chat Control proposal which, if passed, could spell the end of the right to privacy in Europe. signal.org/blog/pdfs/ge...

Identifying obfuscated code through graph-based semantic analysis of binary code - Applied Network Science Protecting sensitive program content is a critical concern in various situations, ranging from legitimate use cases to unethical contexts. Obfuscation is one of the most used techniques to ensure such a protection. Consequently, attackers must first detect and characterize obfuscation before launching any attack against it. This paper investigates the problem of function-level obfuscation detection using graph-based approaches, comparing algorithms, from classical baselines to advanced techniques like Graph Neural Networks (GNN), on different feature choices. We consider various obfuscation types and obfuscators, resulting in two complex datasets. Our findings demonstrate that GNNs need meaningful features that capture aspects of function semantics to outperform baselines. Our approach shows satisfactory results, especially in a challenging 11-class classification task and in two practical binary analysis examples. It highlights how much obfuscation and optimization are intertwined in binary code and that a better comprehension of these two principles are fundamental in order to obtain better detection results.

Brand new paper with Roxane Cohen, Robin David (both from @quarkslab.bsky.social ) and Florian Yger on obfuscation detection in binary code doi.org/10.1007/s411... We show that carefully selected features can be leveraged by graph neural networks to outperform classical solutions.

lmao, apparently this guy managed to give two different talks at two of the the biggest hacking conferences using AI generated slop that doesn't even make any sense. Welcome to infosec in 2025.

Attacking Assumptions Behind the Image Load Callback :: RomHack 2025

Here are my RomHack slides about low-privileged attack vectors against PsSetLoadImageNotifyRoutine and drivers that rely on it. Enjoy!
diversenok.github.io/slides/RomHa...

Super cool potential ASLR leak involving dictionary hashes! googleprojectzero.blogspot.com/2025/09/poin...

GUIFuzz++ is the first general-purpose fuzzer for desktop GUI software! Fuzzing by translating AFL++ random input into user interaction with GUIs, leading to the discovery of 23 new bugs!

Paper: futures.cs.utah.edu/papers/25ASE.pdf
Source: github.com/FuturesLab/GUIFuzzPlusPlus

Go test some GUIs!

I'm happy to share that LIEF 0.17.0 is out: lief.re/blog/2025-09...

Want to learn reverse engineering? There'll be a free, women*-only BlackHoodie workshop from October 6th to 9th in Paris!

Topics:
• Linux memory forensics 🕵️‍♀️ (by Sonia)
• Web app and mobile app pentesting 🕸️📱 (by Paula)
• iOS reversing 🍎 (by me)

IDA 9.2 Release: Golang Improvements, New UI Widgets, Types Parsing and More IDA 9.2: Smarter Go decompilation, new UI widgets, Xref Graph/Tree, LLVM-based type parser, debugger upgrades, and expanded processor support.

📣 IDA 9.2 is here!

➥ Smarter Go decompilation
➥ New Dynamic Xref Graph & Xref Tree
➥ Debugger & UI upgrades
➥ Expanded processor support (ARM, RISC-V)
➥ And more...

Explore the full release here: hex-rays.com/blog/ida-9.2...

Release v0.16 · HyperDbg/HyperDbg HyperDbg v0.16 is released! If you’re enjoying HyperDbg, don’t forget to give a star 🌟 on GitHub! Please visit Build & Install to configure the environment for running HyperDbg. Check out the Quick...

HyperDbg v0.16 is released! 🐞💫✨

This version adds a new event command '!xsetbv', along with bug fixes, performance improvements, and progress on the user-mode debugger in VMI mode.

Check it out:

github.com/HyperDbg/Hyp...