Ahmet Bilal Can 🦔
@0xabc0
Followers
4K
Following
5K
Media
357
Statuses
1K
reverse everything
İstanbul, Türkiye
Joined January 2018
Ever wanted to get payload from packed android malware without running android emulator/device? Me neither. But I wrote a tool for that anyway😄.
3
35
129
Sunumlar her zamanki gibi kaliteli ve güzeldi. Etkinliğe gelen (çok) genç arkadaşlarla tanışmak ayrı bir keyifti. Yeni nesil gümbür gümbür geliyor.
TTMO Meetup 6'dan kareler. Sunumları için Celil Ünüver(@celilunuver), Utku Çorbacı(@rhotav), Yusuf İşlek(@_nnaci) ve Ahsen Tekdemir'e(@ahsentekd); güzel katılım için TTMO üyelerine çok teşekkürler. Sponsorlarımız: Forestall, Secrove ve Hexflow
0
0
20
RT @__TTMO__: Tersine mühendisler, 6. toplantıya koşun!.16 Ağustos, İzmir'de. Kayıt: (Toplantı akışı daha sonra….
docs.google.com
Etkinlik Zamanı: 16 Ağustos 2025 / 13.00 - 18.00 Etkinlik Adresi: Withco, Çınarlı Mah. 1572 Sok. No:33 Konak/İZMİR Bize [email protected] e-posta adresinden ulaşabilirsiniz.
0
5
0
Bu sefer İzmirdeyiz. O bitirmediğin projeni bitirip sunmak için mükemmel fırsat. Mailler 👉👉 noreply@ttmo.re.
6. toplantı için dikkat dikkat! O karmakarışık klasörlerde birikmiş bilgi yığınlarını sunuma dökme zamanı. Son CFP başvurusu 5 Ağustos. Etkinlik 16 Ağustos. Konum İzmir. Detaylar:
0
0
10
RT @egeblc: As a fun little weekend project, I have weaponized OpenReplay for exploiting XSS on "HttpOnly" websites. It allows you to remot….
github.com
Seamless remote browser session control. Contribute to EgeBalci/evilreplay development by creating an account on GitHub.
0
16
0
Do you know there's an official BLE service for cycling sensors? I didn't, so here's my DIY ESP32 with a reed sensor and a Samsung Health connection! New blog post: "Emulating a Bike Sensor" 👇
1
2
14
@mrexodia ps: I'm aware this doesnt handle shuffled opcodes right now. I have a plan to also analyze interpreter executable and prepare opcode mapping. and olugin uses hardcoded key (0xdeadbeef) instead of taking it from found header (idk how to pass it to architecture class).
2
0
4
here is the riscy-business vm repo : here is the binary ninja plugin :
github.com
Binary Ninja Plugin for Riscy Business. Contribute to eybisi/bn-riscy-business development by creating an account on GitHub.
1
0
12
I’ve developed a Binary Ninja plugin to load encrypted riscy-business bytecode. It locates the encryption key, decrypts the bytecode, auto-renames initial functions, resolves import table entries, and annotates VM-specific syscalls. An example binary is included in the repository
3
43
307
Btw love the fact that lockedshield had sample from romcom case (custom proxy tool) which is targeting NATO. I've analyzed almost identical sample just before the event 😄 .
🚨Nebulous Mantis (also known as Cuba), a Russian-speaking cyber espionage group behind the 2023 NATO Summit campaign, has escalated operations in 2025. Their recent campaigns target sectors like tech, healthcare, and engineering, while still focusing on geopolitical interests.
0
0
4
I've also added test apks with git lfs. You can pull test cases with `git lfs pull` after cloning the repo.
0
0
0
Added crocodilus unpacker to kavanoz at version 0.0.6 thx for the report @cryptax.
github.com
Statically unpacking common android banker malware. - eybisi/kavanoz
A new mobile banking Trojan has emerged—#Crocodilus. Discovered during regular threat hunting, it’s already showing capabilities that rival top malware families, including device takeover and advanced credential theft. #BankingTrojan #ThreatFabric
1
1
20
RT @DebugPrivilege: For the hardcore reverse engineers and malware analysts out there, my ex-colleague just dropped a deep dive into 'Scatt….
cloud.google.com
We been tracking multiple espionage operations conducted by China-nexus actors utilizing POISONPLUG.SHADOW malware.
0
77
0
