I’ll be teaching my next deobfuscation class at @REverseConf (Orlando), Mar 2–5, 2026. Learn to dissect modern protections, devirtualize VMs, and simplify MBA expressions using symbolic execution, SMT solving, and synthesis.
Details: https://shop.binary.ninja/products/re-verse-2026-deobfuscation
Happy to share that later today (Friday, Nov 14, at 10:00 PM CET / 16:00 ET), I’ll be live on the #BinaryNinja livestream to talk about (anti-)reverse engineering & code (de)obfuscation. I'll also showcase some of my plugins.
The recording of our (CC @nicolodev talk "Breaking Mixed Boolean-Arithmetic Obfuscation in Real-World Applications" at @recon is now online!
Recording: https://www.youtube.com/watch?v=QxSGWk3MqaQ
Slides: https://synthesis.to/presentations/recon25_mba_obfuscation.pdf
#BinaryNinja Plugin: https://github.com/mrphrazer/obfuscation_analysis
The new version of my #BinaryNinja plugin Obfuscation Analysis (v1.2) adds recursive function inlining in the decompiler.
It collapses call-heavy code into a single function; analysis, constant propagation, DCE and other analyses work across boundaries.
We at emproof open-sourced a free firmware reverse engineering workshop for self-study.
Topics: ELF analysis, cracking, malware triage, embedded-Linux, bare-metal, crypto-key extraction, anti-analysis. Docker setup and solutions included.
https://github.com/emproof-com/workshop_firmware_reverse_engineering
The slides from our @recon talk, "Breaking Mixed Boolean-Arithmetic Obfuscation in Real-World Applications" (CC @nicolodev are now online!
Slides: https://synthesis.to/presentations/recon25_mba_obfuscation.pdf
Tomorrow at 3:30 pm, Nicolò Altamura and I will present our talk “Breaking Mixed Boolean-Arithmetic Obfuscation in Real-World Applications” at @recon
Details: https://cfp.recon.cx/recon-2025/talk/BKBQ37/
Plugin release: https://github.com/mrphrazer/obfuscation_analysis
My class on code deobfuscation at REcon Montreal (June 24-27) is now open for registration! Learn how to analyze obfuscated code and break it by writing custom tools using symbolic execution, SMT solving, and program synthesis.
Details & Register: https://recon.cx/2025/trainingSoftwareDeobfuscationTechniques.html
New #BinaryNinja plugin: Obfuscation Analysis
Simplifies arithmetic obfuscation (MBA) directly in the decompiler (see demo below). Also identifies functions with corrupted disassembly.
Co-authored by @nicolodev ; available in the plugin manager.
Check it out: https://github.com/mrphrazer/obfuscation_analysis
Excited to teach my class on software deobfuscation in Paris at @hexacon_fr Oct 6–9, 2025!
Learn advanced techniques to defeat state-of-the-art obfuscation in DRMs & APT malware.
https://www.hexacon.fr/trainer/blazytko/
#reverseengineering #malware #malwareanalysis #softwaresecurity
At @recon , @nicolodev and I discuss the current state of MBA (de)obfuscation and their applications. We’ll also introduce a new #BinaryNinja plugin for simplifying MBAs in the decompiler.
Details: https://cfp.recon.cx/recon-2025/featured/
I'll also give a training: https://recon.cx/2025/trainingSoftwareDeobfuscationTechniques.html
New heuristic in my #BinaryNinja plugin obfuscation_detection:
Duplicated Subgraphs uses iterative context hashing to spot repeated multi-block code. We merge each block’s signature with its successors over multiple rounds for efficiency.
My class on code deobfuscation at REcon Montreal (June 24-27) is now open for registration! Learn how to analyze obfuscated code and break it by writing custom tools using symbolic execution, SMT solving, and program synthesis.
Details & Register: https://recon.cx/2025/trainingSoftwareDeobfuscationTechniques.html
Last Thursday, I gave a webinar on anti-reverse engineering techniques like obfuscation, anti-debug, anti-tamper etc, including practical examples. Recording, slides and examples are now available.
Recording: https://www.youtube.com/watch?v=Ie1eZSiMEJ8
Slides, code & samples: https://github.com/emproof-com/webinars/tree/main/2025-01-software_protection
The line-up for RE//verse is impressive, but one talk I’m particularly excited about is from Vikas Gupta and Peter Garba:
“Standing on the Shoulders of Giants: De-Obfuscating WebAssembly using LLVM”
I can also be found on Bluesky: https://bsky.app/profile/mrphrazer.bsky.social
New version of my #BinaryNinja plugin obfuscation_detection.
New features detect:
* RC4 implementations (KSA + PRGA)
* functions with a high loop frequency (potential performance bottlenecks)
* irreducible loops (aggressive optimizations & obfuscation)
Happy to present "Unleashing AI: The Future of Reverse Engineering with Large Language Models" with @mu00d8 at
@recon We'll cover current & future RE applications, running offline models and enhancing results by merging LLMs with static analysis.
https://recon.cx/2024/presentations.html
#reverseengineering #malwareanalysis #malware #AI #LLM #REcon2024
🚀 Join me at TyphoonCon 2024 in South Korea for an intensive Software Deobfuscation Techniques training from May 27-29!
You'll learn how to analyze and break obfuscated code. Key learnings include
🔍 Unveiling state-of-the-art strategies in code obfuscation and their undoing.
🛠️ Mastering compiler optimizations and SMT-based program analysis.
⚙️ Harnessing the power of symbolic execution and program synthesis for practical problem-solving.
📐 Crafting disassemblers for VM-based obfuscation and simplify complex arithmetic expressions.
🔗 Details & Registration: https://typhooncon.com/blog/conitems/software-deobfuscation-techniques/
#reverseengineering #softwaredeobfuscation #gamesecurity #anticheat #softwaresecurity #malwareanalysis #antipiracy #malware #training #TyphoonCon24
New #BinaryNinja plugin: ReverserAI. It uses local large language models (LLMs) to derive semantically meaningful function names from decompiler output, demonstrating the potential of local LLMs to support reverse engineering on consumer hardware.
Check it out: https://github.com/mrphrazer/reverser_ai