Presenting "Unveiling RIFT: Advanced Pattern Matching for Rust Libraries" at RECON Montreal 2025!
Sharing research on discovering Rust dependencies in compiled binaries.
See you there!
#RECON2025 #RustLang #ReverseEngineering

If you are a power #vim user you are probably used to the m' navigation workflow, which is also implemented in Visual mode in radare2. Now you can experience not just the hjkl movement keys in iaito (the radare2 interface) but also the m' keys in hex, disasm, decompiler and graph views for quick moving around the binary! #reverseengineering #ui

Let's get this #nakeddiefriday started, people!

The guest of today is one TMS70C42A by TI. It is a 8-bit MCU carrying 4KB of ROM and 256B of RAM, with three timers and a UART.

This particular die was bit by gremlins, and a small part of it is missing; nothing crucial though. Let's have a walk around.

SiPron page: https://siliconpr0n.org/archive/doku.php?id=infosecdj:ti:tms70c42a

Just packaged and tested @RevEngAI 's plugin for @radareorg the service is still under testing so you can join the waitlist to get some api keys, it looks promising, and i'm always happy to see more tools and services being integrated with R2! #reverseengineering #ai

How a 20 year old bug in GTA San Andreas surfaced in Windows 11 24H2

https://cookieplmonster.github.io/2025/04/23/gta-san-andreas-win11-24h2-bug/

Discussions: https://discu.eu/q/https://cookieplmonster.github.io/2025/04/23/gta-san-andreas-win11-24h2-bug/

“The invalid 68030 instruction that accidentally allowed the Mac Classic II to successfully boot up”

"This is the story of how Apple made a mistake in the ROM of the Macintosh Classic II that probably should have prevented it from booting, but instead, miraculously, its Motorola MC68030 CPU accidentally prevented a crash and saved the day by executing an undefined instruction.”

https://www.downtowndougbrown.com/2025/01/the-invalid-68030-instruction-that-accidentally-allowed-the-mac-classic-ii-to-successfully-boot-up/

Managed to put this device in bootloader usb upload/download mode.

But didn't find any sdk/tool that describe/implement the protocol.

From what I've overlooked in the bootloader, it's quite a simple one, so it will be easy to implement.

But man, it's just a waste of time.

Please, manufacturers, release the sdks...
#reverseengineering

Perusing the #documentation for JPype as it's the translation layer letting me write my #Ghidra script in #Python, and I'm enjoying the conversational style of the introduction in the user guide

https://jpype.readthedocs.io/en/latest/userguide.html#case-1-access-to-a-java-library

A common way for malware to disguise its C2 communication and stay under the radar is mimicking widely accepted protocols such as TLS and blend into the existing traffic.

The deep dive below into PebbleDash’s FakeTLS C2 protocol shows how North Korean APTs fake TLS handshakes and use hardcoded RC4 encryption to blend in with legit HTTPS traffic. Sneaky stuff — and a must-read for threat hunters.

https://malwareandstuff.com/reversing-pebbledashs-faketls-c2-protocol/

Got the BGA63 adapter I ordered for the XGecu T48 this morning. If there's ever been an adapter that needed to come with a pack-in user guide it's this one. It's a combined BGA48/BGA63 adapter and the "combined" part is that you have to transfer the whole thing from one bare circuit board to another when you want to switch.

... so after having had to crawl around on the floor looking for those 48 tiny spring loaded pins that easily drops out when you don't have such a guide I finally managed to read out the NAND from a new IoT device I'm targeting atm.

Good: Not encrypted
Bad: As I had guessed, I don't think this is where the main CPU keeps its code

... but let's see where this can take us.

Hello! I don't want to #GetFediHired (yet?), but I am looking for contacts who can help me connect and offer a reality check on a potential new career path by telling about their experiences.

I'm currently working as an embedded software engineer , but I'm exploring a transition into IT/OT security — ideally working as a pentester or reverse engineer focusing on embedded devices, IoT, or SCADA systems .

My thread...

#FediJobs #EmbeddedSecurity #ReverseEngineering

My latest blog post: VanSpoof v1.0

https://mikecoats.com/van-spoof-v1-0/

I'm happy to announce the v1.0 release of VanSpoof. My VanMoof X3 now starts up, without an e-shifter connected, and does not show an Error 44 status! The bike thinks it's connected to a working, functional, e-shifter!

Modernizing an Enigma Machine - This project by [Miro] is awesome, not only did he build a replica Enigma machine ... - https://hackaday.com/2025/04/17/modernizing-an-enigma-machine/ #reverseengineering #debruijnsequence #retrocomputing #enigmamachine #encryption #pogopin #enigma

Today we broke 12k stars on #GitHub remaining #1 on Reverse Engineering there and #1 for, “Reverse Engineering Tutorial” on Google. Thanks again for all of your continued support to help get new folks free training on #ReverseEngineering for everyone! https://github.com/mytechnotalent/Reverse-Engineering

There’s a new entry in our #Rust tool suite designed to assist with #reverseengineering and #vulnerabilityresearch against binary targets!

Oneiromancer by @raptor uses the locally running aidapal LLM by @atredis to analyze and improve #IDA pseudo-code.

https://security.humanativaspa.it/aiding-reverse-engineering-with-rust-and-a-local-llm

Ah yes, nothing screams "cutting-edge tech genius" like spending 68 minutes reverse engineering a fan to escape the tyranny of its app. Instead of enjoying clean air, let's devote our weekends to making sure our air purifier can join the unified utopia of Home Assistant—because who needs a social life when you can have a cloud-free smart home?
https://jmswrnr.com/blog/hacking-a-smart-home-device #cuttingedge #reverseengineering #smarthome #HomeAssistant #techhumor #HackerNews #ngated

Recon CFP ends in less than 2 weeks on April 28. Prices for the training and conference increase on May 1st. Register now to save with early bird price. We have already announced a few talks and workshops, and more videos from last year have been released. https://recon.cx #reverseengineering #cybersecurity #offensivesecurity #hardwarehacking @hackingump1 @mr_phrazer @nicolodev @SinSinology @hunterbr72 @clearbluejar @phLaul @oryair1999 @hookgab @TheQueenofELF @So11Deo6loria @i0n1c @pedrib1337 @MalachiJonesPhD @Pat_Ventuzelo @KB_Intel @pinkflawd @Reverse_Tactics @OnlyTheDuck @t0nvi @drch40s @BrunoPujos @mhoste1 @andreyknvl @texplained_RE @jsmnsr @pulsoid @SpecterDev @richinseattle @yarden_shafir @aionescu @hackerschoice @SinSinology @sergeybratus @SpecterOps @oryair1999 @phLaul @trailofbits @HexRaysSA @nostarch