Over the past couple years, I have come to know the .NET platform pretty well, from both a developer’s and a reverse engineer’s standpoint. I can’t always quite say the same about people in the se...

At last, as promised in my previous post, with a huge delay I finally managed to finalize my Flare-On12 write-ups. Overall, it was a really good and fun set of challenges, and as always, the latter...

Today a bit of a different, more rambly post. DEFCON and Grand Canyon It’s been a couple of months since I’ve been back from BSidesLV 2025 and DEFCON 33. Long story short, it was awesome and extr...

Ever seen a binary that looks like a .NET binary based on its strings, but .NET decompilers are not able to open them? .NET or not? You may just be dealing with a Native AOT binary! That may s...

Today a short post. Over the past half year or so, I have been dealing with some pretty serious medical complications that made me unable to do a lot of programming, reversing and blogging. On doc...

Flare-On 11 is about to start, and I thought I needed some warming-up practice. So I went to Tuts4You, and saw that a Windows crackme challenge by ra1n popped up very recently, featuring a custom V...

Here is a scenario you probably have never encountered. Have you ever decompiled a .NET binary that only consists of a bunch of await keywords and nothing else? Yea me neither. Well… until now ...

You may have seen the recent word about the VMProtect source being leaked to various openly accessible places like GitHub. For obvious reasons I won’t link it here, but from the brief looks that I ...

Programming languages that operate on a virtual machine often promise safety guards against many unsafe operations. However, virtual machines can have pretty serious bugs. In this post, we explore ...

Here is a dumb question that you probably never asked yourself: What is the minimal amount of bytes we need to store in a .NET executable to have the CLR print the string"Hello, World!" to the stan...