(╯°□°)╯︵ ┻━┻


The Secrets of XProtectRemediator
Binary Ninja Malware RE CTI YARA macOS
A primer on macOS security internals and reverse engineering macOS’ XProtectRemediators to extract ‘secret’ YARA rules!
Revisiting Lazarus' Operation Intercept
Lazarus Malware RE CTI North Korea macOS
An analysis of a multi-stage macOS implant which shares a large number of commonalities with Lazarus’ Operation In(ter)ception.
Lazarus Using Leaked Hacking Team Tooling
Lazarus Malware RE CTI North Korea
A quick analysis of a Lazarus sample which makes use of Hacking Team tools from the 2017 leak.
PizzaCrypt Analysis
Malware ransomware .NET RE
A quick analysis of some fun .NET ransomware with a goofy ransom note.