Can Bölük
@_can1357
Followers: 7K | Following: 734 | Media: 46 | Statuses: 381
Security researcher and reverse engineer. Interested in Windows kernel development, low-level programming, static program analysis and cryptography.
Joined June 2012
It's been a while since I wrote anything so I wrote an article on how to discover the entire x86-64 instruction set in seconds including any hidden instructions and learn their basic properties while on it. There were some pretty interesting results! https://t.co/t7vMwYDYas
blog.can.ac
As cheesy as the title sounds, I promise it cannot beat the cheesiness of the technique I’ll be telling you about in this post. The morning I saw Mark Ermolov’s tweet about the undocume
Threw a diagram I sketched out at Gemini expecting some barely coherent mermaid diagram and it perfectly reconstructed the entire state machine with precisely matching flow arrows. Guess paper is back. This thing reads my handwriting better than I do.😅
Europe has already slipped into the totalitarian shadow on speech. 12,000 yearly arrests in the UK for SoMe posts. Germany doing their best to catch up. France detained Pavel. Denmark convicting people for jokes. @JDVance was right in Munich.
world.hey.com
The new American vice president JD Vance just gave a remarkable talk at the Munich Security Conference on free speech and mass immigration. It did not go over well with many European politicians,...
The EU weaponizes people’s strong emotions about child protection to push mass surveillance and censorship. Their surveillance law proposals conveniently exempted EU officials from having their own messages scanned — and David’s post helps explain why.
It's official: I'm co-founding zystem Inc, building a new continuous profiling platform called zymtrace. The idea is to take "whole system" one step further to also cover CUDA/GPU/ML workloads. We also see a looot of unrealized potential left in CPU profiling. [1/n]
Excited to share my latest article: PgC - a novel approach to disable Patchguard during runtime using basic memory management principles. It has worked against every version of Patchguard for the last 7 years, without needing any updates! https://t.co/H5dDddpuMP
blog.can.ac
I have released another article about Patchguard almost 5 years ago, ByePg, which was about exception hooking in the kernel, but let’s be frank, it didn’t entirely get rid of Patchguard
A preprint of my paper "Deobfuscation of Semi-Linear Mixed Boolean-Arithmetic Expressions" ( https://t.co/RZUjlMfUvc) is now available. This work extends algebraic MBA deobfuscation techniques to handle semi-linear MBAs - a class that existing techniques struggle with.
arxiv.org
Mixed Boolean-Arithmetic (MBA) obfuscation is a common technique used to transform simple expressions into semantically equivalent but more complex combinations of boolean and arithmetic...
Europe is maybe two months from passing laws that end private communication as we know it, and folks are looking the other way (understandably.) You’re not going to get a do-over once these laws are passed.
Two major changes: target detection based on risk and require more than one hit to reduce false positives will not have meaningful impact on protection of fundamental rights. 2/10
> Want to reverse engineer notepad.exe for lulz to figure out what hotkey is toggling right-to-left reading order because I keep hitting it accidentally > MBA obfuscated imports
Similar situation for ci, netio, ntdll etc. as well, just lost track at this point 😓
What's going on with MSDL? I feel like half the binaries Microsoft shipped over the past 3-4 months have missing PDBs. July 2023: https://t.co/SkJ5487CGr June 2023:
We’ve just published another great Plugin Focus article! Can Bölük ( @_can1357 ) introduces his NtRays plugin for automated simplification of Windows Kernel decompilation. Read more 🌐 https://t.co/59PKiBDlSY
#IDAPro #IDAPython #IDAPlugin #NtRays
I had an inquiry about ACPI checks, and decided to run through how they work and how to mitigate them on VMware and QEMU. It's a quick and dirty write-up, so excuse the brevity. https://t.co/uzCH6kRtr7
revers.engineering
Walkthrough of detecting VMware through ACPI checks in user mode, and mitigating the checks in VMware.
@dwizzzleMSFT I thought you said this wasn't for drm? 🤥
Happy to release a neat little plugin for IDA Pro! Bitfield and bitflag accesses have been an annoyance that requires another window open and constant fiddling. You can now fix that with just a few key presses! https://t.co/alM0J36oee
They literally started using the name Pluton again with no shame... It's hilarious to me what the consumers are willing to trade for a fancy (yet unusable) UI from a company that refuses to update its previous generation scheduler just to make people switch. </rant>
I was given the opportunity by @ByfronTech to analyze their current work w/ @_can1357. I could see it competing with if not overtaking some of the solutions on the market. Outstanding work by the engineers behind it, and it isn't even done yet. https://t.co/PGTa9xMRMn
corp.roblox.com
Roblox is reimagining the way people come together. Our platform enables anyone to create, connect, learn, shop and express themselves in immersive 3D experiences.
Added Intel CET, VMX extensions + rdrand/rdseed, invpcid/invlpga, xsaves/xrstors as well.
NtRays can now lift RCR, RCL, CLAC, STAC, SWAPGS, CPUID, XSETBV, XGETBV, IRETQ, SYSRETQ, Trapframe access in ISRs and KUSER_SHARED_DATA access both kernel-mode and user-mode. It's all slowly becoming readable!
Also releasing a C++20 wrapper for Hex-Rays API, which can be found at https://t.co/FYm9Plu1HC. Thanks to @RolfRolles for giving me some samples to get started at!
github.com
can1357/HexSuite: Header only wrapper around Hex-Rays API in C++20.
Been experimenting with Hex-Rays API today and wrote a plugin that simplifies NT Kernel decompilation. So far it can remove instrumentation, lift dynrelocs and RSB flushes. Source code and the binary are below, let me know if you have any feedback! https://t.co/bfRSvdwLkC