Yet another PDF/XDP Malware – 25 July 2016
An in-depth analysis of a malware using XDP embedded in a PDF and anti-analysis tricks.
PDF/XDP Malware Reversing – 5 May 2016
Analysis of CVE-2013-3906 (TIFF) – 18 November 2013
An in-depth analysis of an office document which uses a TIFF vulnerability to execute shellcode. The article includes the analysis of the shellcode and of the payload.
Raw File System Analysis (FAT32 File Recovery) – 29 October 2013
This article shows how to perform raw analysis of a file system by using C types imported from source headers. The gained knowledge is then used to write a small utility in under 300 lines of Python code to recover deleted files.
Disclosure: Creating undetected malware for OS X – 7 October 2013
A proof-of-concept which demonstrates how to create undetected malware on OS X by using the internal mechanism called Apple Binary Protection. At the time of writing, all security solutions were tricked by this technique.
Risikofaktoren bei verschiedenen Dateitypen (German) – 7 October 2013
An easy-to-read overview (in German) of the main risks associated to different file types. The paper tries to increase the awareness of end users. It contains statistics and best practices.
BlueBox Android Challenge – 15 May 2013
A crackme which offers the opportunity to show how to reverse engineer protected Android applications with Profiler.
The security of non-exec files – 9 January 2012
This article is based on a speech given at DeepSec. It tries to sum up the main risks associated to non-executable files, meaning those files which are generally viewed as harmless by the user.