My reverse engineering workflows survey is still ongoing! In less than 3 minutes, you can fill it in and help out:

RT @Gi7w0rm: Since I officially finished my bachelor degree last month, I am now looking for work. If you are offering a job in Cyber Thre….

Ever ran a script in Ghidra that you wanted to cancel, only to find out that the script would not let you? The TaskMonitor handles the cancellation event, December's Ghidra tip dives into the details:

Over the past few months, we @Trellix have kept our eyes open for election related threats with regards to the U.S. presidential elections. We have summarised our findings in a blog:

Ghidra can do a lot, but some tasks are best outsourced to (micro)services! How? This month's tip helps you along:

I am also on BlueSky:

Do you want to iterate over all defined strings in a program in Ghidra? This month's tip got you covered:

Libra.setAge(Libra.getAge() + 1);.

My survey into reverse engineering workflows is still ongoing, if you haven't already, please take 3 minutes of your time, I promise it wont take more!.

Ever wanted to handle all files within your Ghidra project, even the ones in subfolders? This month's Ghidra tip got you covered:

Reverse engineering workflows can always be improved. I'm running a survey to see how! Please take 3 minutes to anonymously fill in what you think can be improved:

Pushed an update to the @Trellix GhidraScripts repository on GitHub which fixes a few bugs in the Golang function recovery script:

With my workshops and talk at the @DianaInitiative, @BlackHatEvents, and @defcon two weeks ago while representing @Trellix, I reflect back on my experiences at the conferences:

The Ghidra scripts to create/use the databases can be found here: 🧵5/4.

The precompiled Golang files can be found here: 🧵4/4.

The BSim databases can be found here: 🧵3/4.

The FunctionID databases can be found here: 🧵2/4.

The @Trellix blog which dives into the nitty gritty of my @defcon talk can be found here: 🧵1/4.

My DotNet Malware Analysis workshop at @DianaInitiative is today! I'd like to thank @Trellix for letting me do this!.

Also on Friday the 9th, from 1400 - 1800, I'll give a four hour @defcon workshop on how to best use Ghidra, with a focus on real life malware, FunctionID, and BSim: 🧵5/5.