You've seen the trends in AIxCC: LLMs can hack source, find vulns, and patch them. But what about on binaries without source? Do decompilers close the gap, or is there more to grow?
Come see my talk at DistrictCon where I merge and dissect these two fields: AI Hacking + Decomp.
30.10.2025 16:02
What the hell are we doing? · Addison Crump
Homepage for Addison Crump
Must-read for fuzzing folks (read: tooling/algorithms/academia) by Addison Crump
addisoncrump.info/research/wha...
26.10.2025 03:16
GitHub - emproof-com/workshop_firmware_reverse_engineering: Workshop on firmware reverse engineering
Workshop on firmware reverse engineering. Contribute to emproof-com/workshop_firmware_reverse_engineering development by creating an account on GitHub.
We at @emproofsecurity.bsky.social open-sourced a free firmware reverse engineering workshop for self-study.
Topics: ELF analysis, cracking, malware triage, embedded-Linux, bare-metal, crypto-key extraction, anti-analysis. Docker setup and solutions included.
github.com/emproof-com/...
30.09.2025 08:36
Screenshot of the blog post intro:
Permissive vs Copyleft Open Source
Published on Jul 9, 2025.
The premise of copyleft licenses is attractive: Create more open source!
With permissive licenses, someone can take the code and make proprietary modifications to it and sell it to other people without releasing the modifications. We want people to publish their improvements, right?
With copyleft, we can force people to publish their improvements to copyleft code. Businesses will want to use our code because creating it was so much work in the first place. We need copyleft if we want more contributors, more open source, more code re-use, more freedom.
Right?
Wrong.
In this post, I break down all the ways copyleft licenses fail to achieve their stated goals, and explain why permissive licenses succeed where copyleft fails.
I wrote a comprehensive post dispelling many incorrect assumptions about Copyleft vs Permissive open source licenses.
If you author/contribute to open source code, it's worth reading and understanding these nuances!
shazow.net/posts/permis...
15.07.2025 17:36
LIEF patchelf
This blog post introduces a modern LIEF-based version of patchelf
New blog post on implementing patchelf-like functionalities using LIEF's Rust bindings:
lief.re/blog/2025-07...
14.07.2025 05:09
It was great to see the community come together again at our 4th #FUZZING workshop in Trondheim this year! We drew a big crowd. Enjoyed the super lively discussions.
Thanks to the organizers:
* @rohan.padhye.org
* @yannicnoller.bsky.social
* @ruijiemeng.bsky.social and
* László Szekeres (Google)
29.06.2025 07:25
Our amazing #FUZZING'25 keynotes are online!
"Constraining Fuzzing without Paying Too Much" by Miryung Kim
youtu.be/L90MBb6NLBE
"Are you sure you belong in academia?" by Will Wilson
youtu.be/qQGuQ_4V6WI
// @mboehme.bsky.social, László Szekeres, @rohan.padhye.org, @ruijiemeng.bsky.social
29.06.2025 07:35
DWARF as a Shared Reverse Engineering Format
This blog post introduces a new API in LIEF to create DWARF files
[Blog Post] New high-level API in LIEF that allows the
creation of DWARF files. Additionally, I present two plugins designed to export
program information from Ghidra and BinaryNinja into a DWARF file.
lief.re/blog/2025-05...
(Bonus: DWARF file detailing my reverse engineering work on DroidGuard)
27.05.2025 13:50
Self-nomination for the Artifact Evaluation Committee of NDSS 2026
We are looking for members of the Artifact Evaluation Committee (AEC) of NDSS 2026.
The Network and Distributed System Security symposium adopts an Artifact Evaluation (AE) process allowing authors t...
All papers should publish their code. Help realize this by becoming an artifact reviewer at NDSS'26, apply here: docs.google.com/forms/d/e/1F...
You'll review artifacts of accepted papers. We especially encourage junior/senior PhD students & PostDocs to help. Distinguished reviews will get awards!
25.05.2025 13:25
Artisanal software
There are LLM-free licenses though, I think
23.05.2025 13:09
GitHub - binarly-io/idalib: Idiomatic Rust bindings for the IDA SDK, enabling the development of standalone analysis tools using IDA v9.x's idalib
Idiomatic Rust bindings for the IDA SDK, enabling the development of standalone analysis tools using IDA v9.x's idalib - binarly-io/idalib
We're happy to announce a new release of our #Rust bindings for idalib.
What's new:
- New APIs for working with IDBs, segments, and more
- Rust 2024 support
- New homepage: idalib.rs
H/T to our contributors @yeggor.bsky.social & @raptor.infosec.exchange.ap.brid.gy
github.com/binarly-io/i...
21.05.2025 22:28
Blog Post: "Re-compiling Decompiler Output" https://edmcman.github.io/blog/2025-05-02--re-compiling-ghidra-decompiler-output/
03.05.2025 14:54
Review Criteria for Technical (TP) and Experience Papers (EP) @ #ASE25.
* In TP, PC evaluates the significance of the problem, the novelty of the approach and the soundness of the eval.
* In EP, PC evaluates the practical importance + the description of scope, insights, and perspective.
Details:
03.05.2025 14:25
Policy on LLM-assisted Reviews @ #ASE25
03.05.2025 14:28
Now that #ICSE25 is over, it's time to get your papers ready for #ASE25 (30th May)!
Here is what's new:
* Major Revision v2.0
* Review criteria for tech. & experience papers
* Policy on LLM-assisted Reviews
* Auto-bidding (TPMS)
* Rapid Response Reliable Reviewers
For more details, read on.
03.05.2025 14:25
Major Revision 2.0 @ #ASE25.
Objective:
* Reviewer continuity > recycling.
* Reduce PC workload.
* Minimize ambiguity.
* Avoid deferred rejects.
tl;dr:
* MR = reviewers commit to accepting the MR if it addresses the revision items *irrespective* of any new results.
* Only DL is required to check.
03.05.2025 14:25
It was the OPT-175B chronicle
16.04.2025 23:01
Around 2023 some company published their raw experience trying to train a very large model, like a text file with all the errors they hit. Was that Google or Facebook or some other company?
16.04.2025 22:26
more exciting stuff coming to libAFL @aflplusplus.bsky.social , including a binary-only ASan implementation in Rust for QEMU and integration with the unicorn emulator!
reminds me of how @dmnk.bsky.social and I got the unicornafl rust bindings up and running to fuzz some basebands 5 years ago
10.04.2025 14:57
Oh wow. This just in from a CISA spokesperson:
“The CVE Program is invaluable to cyber community and a priority of CISA. Last night, CISA executed the option period on the contract to ensure there will be no lapse in critical CVE services. We appreciate our partners’ and stakeholders’ patience.”
16.04.2025 11:44
Time zone code is 100% the kinda code you make someone else do, like a library
I feel like that is more off limits to home roll than crypto even
15.04.2025 14:18
And AZ CTF comes to a close! Congrats to the winners! And, of course, everyone can now tackle the chals on #pwncollege at: pwn.college/az-ctf-2...
06.04.2025 00:07