Automating RE Using r2pipe

July 9, 2018

In this article we will go over Radare2’s r2pipe and its uses. R2pipe is the API for Radare2 that allows you to automate Radare2 and interact with a session from outside of Radare2. This can be used to simplify certain tasks, emulate a certain section of code, decrypt strings, or even reverse engineer multiple binaries with ease. In this specific example we will revisit a malware sample that I have detailed in a previous article titled Linux Malware Analysis — Why Homebrew Encryption is Bad. We will use r2pipe and Python to automate the process of deobfuscating strings within the binary....

Reverse Engineering, Radare2, Hacking, Malware Analysis, Malware, Scripting, Automation, r2pipe

Unpacking Executables - The ESP Trick

April 2, 2018

Malware authors use many tricks to try to get past antivirus solutions. They can obfuscate strings or sign the malware as some other software. One of the more effective tricks is to use a packer to compress the malware, making it harder for antivirus software to detect it. As a malware analyst, you should know what packing is and how to unpack an executable. This article will talk about some of the basic packers and a neat trick that works to unpack most of them....

Reverse Engineering, Radare2, Hacking, x64dbg, Unpacking

Debugging Using Radare2… and Windows!

Feb. 26, 2018

To start off, I want to say I am a Linux person. I use it all the time for development. The command line is amazing and very streamlined for computer-science-related tasks. While I feel this way, there are those who do not and would prefer to use a Windows environment instead. So I want to show two things in this article: how to install and use radare2 for Windows, and how to debug applications using radare2....

Reverse Engineering, Radare2, Windows

Reverse Engineering With Radare2 — Part 2

Dec. 21, 2017

This article is a continuation of my first article “Reverse Engineering Using Radare2” where I gave a basic introduction to the tool. I highly suggest starting there if you haven’t already, as it covers the very basics....

Reverse Engineering, Radare2, Hacking

Reverse Engineering Using Radare2

Dec. 16, 2017

This article assumes the reader has some basic knowledge in coding and assembly language. If not, a good resource for this would be the assembly tutorial from tutorialspoint....

Reverse Engineering, Radare2, Hacking, Malware Analysis
