I reverse engineered DexProtector, the security solution protecting applications like Revolut and other banking apps.
From custom ELF loaders to vtable hooking, here is an insight into how these protections work and their limitations.
www.romainthomas.fr/post/26-01-d...
I'm happy to share that LIEF 0.17.0 is out: lief.re/blog/2025-09...
New blog post on implementing patchelf-like functionalities using LIEF's Rust bindings:
lief.re/blog/2025-07...
[Blog Post] New high-level API in LIEF that allows the
creation of DWARF files. Additionally, I present two plugins designed to export
program information from Ghidra and BinaryNinja into a DWARF file.
lief.re/blog/2025-05...
(Bonus: DWARF file detailing my reverse engineering work on DroidGuard)
Fuzzing Windows ARM64 binaries with a DBI and LLVM?
Here we go: www.romainthomas.fr/post/25-04-w...
New updates in LIEF including better support for PE modifications and ARM64EC/ARM64X binaries.
Blog post: lief.re/blog/2025-02...
Want to support security researchers from Dragon Sector in covering legal costs piling up after they went public with logic bombs in train firmware?
IBAN for donations is available here:
www.ccc.de/en/updates/2...
Talks for context
media.ccc.de/v/37c3-12142...
streaming.media.ccc.de/38c3/relive/...
And if you want to know more about the economic reality behind running high availability, actually innovative tech… signal.org/blog/signal-...
LIEF 0.16.0 is out featuring new (extended) capabilities like Dyld Shared Cache support, Assembler/disassembler, ...
lief.re/blog/2024-12...
It would make a nice combo!
LIEF Disassembler API based on LLVM MC
So for my first post on Bluesky, I'm happy to share that LIEF (extended) is now providing an API to disassemble code (backed by the LLVM MC layer).
This disassembler is integrated with other functionalities
like dyldsc or DWARF info.
You can checkout lief.re/doc/latest/e... for the details.