BLOG

Wireless Keystroke Injection vulnerability

2 August 2022

In this post we will show a vulnerability in Microsoft Windows 10 (and 11) that allows an attacker to impersonate a previously paired Bluetooth Low Energy (BLE) HID device, particularly a BLE keyboard, and to inject unencrypted keystrokes, resulting in code execution. This vulnerability was reported to Microsoft (via MSRC)…

Android Malware III.
Hidden Malware

21 April 2022

In this post we are going to see a small example of how Android malware can be hidden from the user’s view. 1. The sample. We have chosen a very simple piece of malware that has quite readable code from a reversing viewpoint. It is identified by the SHA256 hash…

Android Malware II.
Android Basics

18 February 2022

In this post we will look at some basic concepts about Android in a summarized way before we start analyzing malicious files. Android Architecture. Android is based on Linux with the following architecture (very roughly): Android Compile/Reversing. When we face reversing in Android applications we have to keep in…

PRACTICAL EXAMPLES WITH FRIDA
Frida VS Anti-Debug Techniques on Windows (II)

24 August 2021

In this second post of the series “PRACTICAL EXAMPLES WITH FRIDA – Frida VS Anti-Debug Techniques on Windows” we will start by showing examples of bypassing anti-debug techniques. As announced in our first post, in this entry we will talk about the first group of anti-debug techniques: “Techniques based…