Intro to Software Reverse Engineering (Part 3)

Hey everyone! In the previous blog (part 2 of the “Intro to Software Reverse Engineering”), we covered a walk-through of a challenge from crackmes.one. We’ll be continuing our series on software reverse engineering with a walkthrough of another challenge from crackmes.one. The description of this challenge is as follows: Guess the password without brute-forcing. No...

Intro to Software Reverse Engineering (Part 2)

In our previous blog (part 1 of the “Intro to Software Reverse Engineering” series), we covered the basics of Reverse Engineering. In this blog (part 2 of the same series), we’ll be covering a walk-through of a challenge from crackmes.one. This challenge is an x86 binary executable which we’ll attempt to reverse engineer using OllyDBG.   As...

Insecure Deserialization in Python

In this blog (part of the “Insecure Deserialization” series), we are going to discuss Insecure Deserialization in Python. We briefly discussed “What is Serialization?” and “What is Deserialization?” in our previous blog.  Synopsis  Python’s pickle module is used for serialization and deserialization in Python. This module serializes or deserializes Python objects only. It does not...

Intro to Software Reverse Engineering (Part 1)

Software Reverse Engineering is the process through which one attempts to understand a program’s functionality by analyzing its code. In this blog (part 1 of the “Intro to Software Reverse Engineering” series), we’ll delve into Reverse Engineering x86 Windows applications. OllyDbg is the tool we are going to utilize for x86 binary analysis and debugging....

Insecure Deserialization in PHP

In this blog (part of the “Insecure Deserialization” series), we will discuss insecure deserialization vulnerabilities in PHP and its prevention. The purpose of data serialization and deserialization is that it ensures that the object remains a replica of the original item prior to serialization. Insecure deserialization occurs when an application deserializes user-controllable data. This could...