Lightnews — Scholar-powered news

Tim Blazytko @mrphrazer.bsky.social · 10d

We at @emproofsecurity.bsky.social open-sourced a free firmware reverse engineering workshop for self-study.

Topics: ELF analysis, cracking, malware triage, embedded-Linux, bare-metal, crypto-key extraction, anti-analysis. Docker setup and solutions included.

github.com/emproof-com/...

GitHub - emproof-com/workshop_firmware_reverse_engineering: Workshop on firmware reverse engineering

Workshop on firmware reverse engineering. Contribute to emproof-com/workshop_firmware_reverse_engineering development by creating an account on GitHub.

github.com

2 5

Tim Blazytko @mrphrazer.bsky.social · Aug 4

Reminder: If you’re interested in learning how to analyze and deal with obfuscated code, you’re welcome to join my training at @hexacon.bsky.social from October 6-9.

You can still register here: www.hexacon.fr/trainer/blaz...

3

Tim Blazytko @mrphrazer.bsky.social · Aug 1

Congrats!

1

Reposted by Tim Blazytko

Max 'Libra' Kersten @maxkersten.nl · Jul 1

Based on research by @mrphrazer.bsky.social and @mu00d8.bsky.social, presented at RECon 2024, I used graph theory code from Ghidra's codebase to select the order in which functions are sent to the LLM, ensuring as much context as possible is retained. The script is aptly named GhidrAI!

5/n

A side-by-side view of Ghidra's decompiler. Left is the raw output, right is the output enhanced by the LLM.

1 1 3

Tim Blazytko @mrphrazer.bsky.social · Jun 27

The slides from our @reconmtl.bsky.social talk, "Breaking Mixed Boolean-Arithmetic Obfuscation in Real-World Applications" (CC @nicolo.dev ), are now online!

Slides: synthesis.to/presentation...

Plugin: github.com/mrphrazer/ob...

5 12

Tim Blazytko @mrphrazer.bsky.social · Jun 26

Tomorrow at 3:30 pm, @nicolo.dev and I will present our talk “Breaking Mixed Boolean-Arithmetic Obfuscation in Real-World Applications” at @reconmtl.bsky.social !

Details: cfp.recon.cx/recon-2025/t...
Plugin release: github.com/mrphrazer/ob...

Breaking Mixed Boolean-Arithmetic Obfuscation in Real-World Applications Recon 2025

From gaming anti-cheat and DRM solutions to malware, Mixed Boolean-Arithmetic (MBA) obfuscation hides critical computations behind intricate Boolean and arithmetic transformations. In this talk, we de...

cfp.recon.cx

3 10

Tim Blazytko @mrphrazer.bsky.social · Jun 5

Reminder: If you’re interested in code deobfuscation, you’re welcome to join my training at @reconmtl.bsky.social Montréal from June 24-27.

You can still register here: recon.cx/2025/trainin...

1

Tim Blazytko @mrphrazer.bsky.social · Jun 4

Honored to join @jstrosch.bsky.social on his podcast "Behind the Binary"! We discussed my RE journey, identifying & analyzing obfuscated code, software protection in industry vs malware, the dynamic between building & breaking protections, and others.

open.spotify.com/episode/7yJB...

Josh Stroschein | The Cyber Yeti @jstrosch.bsky.social · Jun 4

🔒 Ever wonder how software stays secure? On Behind the Binary, Tim Blazytko, Chief Scientist at Emproof, explores code obfuscation, anti-reverse engineering, and modern defense strategies. Discover the challenges, trade-offs, and defender's mindset! 🎧

open.spotify.com/episode/7yJB...

EP 10 Tim Blazytko - Protecting Intellectual Property: Obfuscation & Anti-Reverse Engineering in Software

Behind the Binary by Google Cloud Security · Episode

open.spotify.com

1 5

Tim Blazytko @mrphrazer.bsky.social · May 25

New #BinaryNinja plugin: Obfuscation Analysis

Simplifies arithmetic obfuscation (MBA) directly in the decompiler (see demo below). Also identifies functions with corrupted disassembly.

Co-authored by @nicolo.dev; available in the plugin manager.

github.com/mrphrazer/ob...

1 10 23

Tim Blazytko @mrphrazer.bsky.social · May 5

Excited to teach my class on software deobfuscation in Paris at @hexacon.bsky.social , Oct 6–9, 2025!
Learn advanced techniques to defeat state-of-the-art obfuscation in DRMs & APT malware.

www.hexacon.fr/trainer/blaz...

9

Tim Blazytko @mrphrazer.bsky.social · Apr 27

Reminder: Training registrations are still open for my deobfuscation training at REcon Montreal. Secure your spot before prices go up on May 1!

Tim Blazytko @mrphrazer.bsky.social · Feb 18

My class on code deobfuscation at REcon Montreal (June 24-27) is now open for registration! Learn how to analyze obfuscated code and break it by writing custom tools using symbolic execution, SMT solving, and program synthesis.

Details & Register: recon.cx/2025/trainin...

2

Tim Blazytko @mrphrazer.bsky.social · Apr 7

At @reconmtl.bsky.social, @nicolo.dev and I discuss the current state of MBA (de)obfuscation and their applications. We’ll also introduce a new #BinaryNinja plugin for simplifying MBAs in the decompiler.

Details: cfp.recon.cx/recon-2025/f...

I'll also give a training: recon.cx/2025/trainin...

4 7

Tim Blazytko @mrphrazer.bsky.social · Mar 14

New heuristic in my #BinaryNinja plugin obfuscation_detection:
Duplicated Subgraphs uses iterative context hashing to spot repeated multi-block code. We merge each block’s signature with its successors over multiple rounds for efficiency.

Link: github.com/mrphrazer/ob...

1 7 10

Reposted by Tim Blazytko

RE//verse @re-verse.io · Feb 18

RE//verse training registration closes today! Have to finalize count for the hotel. If you still want to join after registration closes, contact us ASAP as some extra slots may be available. https://re-verse.io/#trainings

2 2

Tim Blazytko @mrphrazer.bsky.social · Feb 18

My class on code deobfuscation at REcon Montreal (June 24-27) is now open for registration! Learn how to analyze obfuscated code and break it by writing custom tools using symbolic execution, SMT solving, and program synthesis.

Details & Register: recon.cx/2025/trainin...

1 9

Tim Blazytko @mrphrazer.bsky.social · Jan 27

Last Thursday, I gave a webinar on anti-reverse engineering techniques like obfuscation, anti-debug, anti-tamper etc, including practical examples. Recording, slides and examples are now available.

Recording: www.youtube.com/watch?v=Ie1e...

Slides, Code & Samples: github.com/emproof-com/...

Webinar: Software Protection -- Safeguarding Code Against Reverse Engineering

YouTube video by emproof

www.youtube.com

1 1 5

Tim Blazytko @mrphrazer.bsky.social · Jan 10

The line-up for @re-verse.io is impressive, but one talk I’m particularly excited about is from Vikas Gupta and Peter Garba:

“Standing on the Shoulders of Giants: De-Obfuscating WebAssembly using LLVM”

re-verse.sessionize.com/session/763329

re-verse.sessionize.com

4

Tim Blazytko @mrphrazer.bsky.social · Jan 9

The schedule of RE//verse is out now and contains some pretty interesting talks on reverse engineering and code (de)obfuscation!

I'll also give my deobfuscation training there: shop.binary.ninja/products/re-...

3 9

Tim Blazytko @mrphrazer.bsky.social · Dec 9

My next (de)obfuscation training will be at
@re-verse.io , Feb 24-27 in Orlando. You’ll learn to identify, analyze, understand, and break protected code in both malware and commercial applications.

Register: shop.binary.ninja/products/re-...

RE//verse Training - Software Deobfuscation Techniques with Tim Blazytko

Get to know state-of-the-art code obfuscation techniques, how they complicate reverse engineering, and how to use different deobfuscation techniques to break them in these hands-on sessions at RE//ver...

shop.binary.ninja

3 10