Ryan's Avatar

Ryan

@rewithme

Object File Analyst, Programming Scientist

44
Followers 180
Following 22
Posts 05.11.2023
Joined
Posts Following

Latest posts by Ryan @rewithme

Post image Post image

My keynote at RE//Verse went great!

(it will be released online later if you missed it!)

07.03.2026 20:14 πŸ‘ 132 πŸ” 2 πŸ’¬ 5 πŸ“Œ 0
Preview
Dr. Gladys West, Mathematician Whose Work Made GPS Possible, Dies at 95 ALEXANDRIA, VA β€” Dr. Gladys West, the pioneering mathematician whose work laid the foundation for modern GPS technology, has died. She passed away

Dr. Gladys West, the pioneering mathematician whose work laid the foundation for modern GPS technology, has died. She was 95.

19.01.2026 18:00 πŸ‘ 27283 πŸ” 9627 πŸ’¬ 549 πŸ“Œ 502
Post image

Today's cool visualization of the day is brought to you by arxiv.org/pdf/2512.14045

The world needs more Sankey diagrams.

06.01.2026 15:12 πŸ‘ 0 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0

For types etc to see what the decompiler had for those, that does require not just dwarf eval.

An undefined function that would have referenced an undefined global struct can’t be evaluated.

06.12.2025 13:36 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

I think it’s fair to say some structures especially those unidentified in stripped binary by decomp, and whole functions left as undefined data can’t be mapped or meaningless to map in those cases. I think for a majority of the technique you would be able to still do that eval, and you can use xref

06.12.2025 13:35 πŸ‘ 1 πŸ” 0 πŸ’¬ 2 πŸ“Œ 0

I’m not sure I follow, stripping a binary would leave you with a debug binary and a new stripped binary, and you can tie debug symbols to new one, alternatively using the external debug symbols does the same thing?

06.12.2025 13:26 πŸ‘ 0 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

This DecompileBench paper is pretty slick, especially how they test for semantic equivalence: arxiv.org/pdf/2505.11340

Unfortunately, there's a pretty big limitation that isn't addressed anywhere that I can see. Can you tell what it is?

06.12.2025 13:19 πŸ‘ 1 πŸ” 1 πŸ’¬ 1 πŸ“Œ 0

Episode 23: War Stories with Brendan Dolan-Gavitt (XBOW)!

@tib3rius.bsky.social & @swiftsecur.bsky.social are joined by @moyix.net who shares some AI and human war stories with us!

Links below!

07.11.2025 15:03 πŸ‘ 5 πŸ” 5 πŸ’¬ 1 πŸ“Œ 0
Post image

πŸŽ™οΈ #ASE2025 Keynote Speaker Series (2 of 3)

Dr. Cristina Cifuentes, Vice President @ Oracle Software Assurance

β€œOracle Parfait – Detecting Application Vulnerabilities at Scale – Past, Present and Future”

26.10.2025 03:19 πŸ‘ 6 πŸ” 2 πŸ’¬ 1 πŸ“Œ 2
Post image

πŸŽ™οΈ ASE 2025 Keynote Speaker Series (3 of 3)

Prof. Taesoo Kim (Georgia Tech)
β€œHyperscale Bug Finding and Fixing: DARPA AIxCC”

conf.researchr.org/track/ase-20...

28.10.2025 07:44 πŸ‘ 4 πŸ” 2 πŸ’¬ 1 πŸ“Œ 0
Post image

πŸŽ™οΈ #ASE2025 Keynote Speaker Series (1 of 3)

What do symbolic model checking, path profiling, and quantum simulation have in common? πŸ€”

Find out from Prof. Reps (University of Wisconsin-Madison) in his ASE2025 Keynote β€œWe Will Publish No Algorithm Before Its Time”!

conf.researchr.org/track/ase-20...

22.10.2025 11:39 πŸ‘ 10 πŸ” 3 πŸ’¬ 0 πŸ“Œ 1
Post image

You've seen the trends in AIxCC: LLMs can hack source, find vulns, and patch them. But what about on binaries without source? Do decompilers close the gap, or is there more to grow?

Come see my talk at DistrctCon where I merge and dissect these two fields: AI Hacking + Decomp.

30.10.2025 16:02 πŸ‘ 6 πŸ” 4 πŸ’¬ 0 πŸ“Œ 0
What the hell are we doing? Β· Addison Crump Homepage for Addison Crump

Must-read for fuzzing folks (read: tooling/algorithms/academia) by Addison Crump
addisoncrump.info/research/wha...

26.10.2025 03:16 πŸ‘ 30 πŸ” 11 πŸ’¬ 1 πŸ“Œ 1
Preview
GitHub - emproof-com/workshop_firmware_reverse_engineering: Workshop on firmware reverse engineering Workshop on firmware reverse engineering. Contribute to emproof-com/workshop_firmware_reverse_engineering development by creating an account on GitHub.

We at @emproofsecurity.bsky.social open-sourced a free firmware reverse engineering workshop for self-study.

Topics: ELF analysis, cracking, malware triage, embedded-Linux, bare-metal, crypto-key extraction, anti-analysis. Docker setup and solutions included.

github.com/emproof-com/...

30.09.2025 08:36 πŸ‘ 5 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
Screenshot of the blog post intro: Permissive vs Copyleft Open Source Published on Jul 9, 2025. The premise of copyleft licenses is attractive: Create more open source! With permissive licenses, someone can take the code and make proprietary modifications to it and sell it to other people without releasing the modifications. We want people to publish their improvements, right? With copyleft, we can force people to publish their improvements to copyleft code. Businesses will want to use our code because creating it was so much work in the first place. We need copyleft if we want more contributors, more open source, more code re-use, more freedom. Right? Wrong. In this post, I break down all the ways copyleft licenses fail to achieve their stated goals, and explain why permissive licenses succeed where copyleft fails.

Screenshot of the blog post intro: Permissive vs Copyleft Open Source Published on Jul 9, 2025. The premise of copyleft licenses is attractive: Create more open source! With permissive licenses, someone can take the code and make proprietary modifications to it and sell it to other people without releasing the modifications. We want people to publish their improvements, right? With copyleft, we can force people to publish their improvements to copyleft code. Businesses will want to use our code because creating it was so much work in the first place. We need copyleft if we want more contributors, more open source, more code re-use, more freedom. Right? Wrong. In this post, I break down all the ways copyleft licenses fail to achieve their stated goals, and explain why permissive licenses succeed where copyleft fails.

I wrote a comprehensive post dispelling many incorrect assumptions about Copyleft vs Permissive open source licenses.

If you author/contribute to open source code, it's worth reading and understanding these nuances!

shazow.net/posts/permis...

15.07.2025 17:36 πŸ‘ 69 πŸ” 17 πŸ’¬ 3 πŸ“Œ 3
Preview
LIEF patchelf This blog post introduces a modern LIEF-based version of patchelf

New blog post on implementing patchelf-like functionalities using LIEF's Rust bindings:

lief.re/blog/2025-07...

14.07.2025 05:09 πŸ‘ 3 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
XBlock Summer 2024 Update Howdy! I figure it's probably not the worst idea to do a quick update on XBlock progress, as well as give some indication what I'm planning to do in the future with it. This will be more roadmap-y tha...

Cool blog of how @aendra.com built @xblock.aendra.dev her automoderation tuned screenshot classifier AI model and pipeline, including all the manual work behind it.
www.aendra.com/xblock-summe...

09.07.2025 00:48 πŸ‘ 24 πŸ” 6 πŸ’¬ 1 πŸ“Œ 0
Post image

It was great to see the community come together again at our 4th #FUZZING workshop in Trondheim this year! We drew a big crowd. Enjoyed the super lively discussions.

Thanks to the organizers:
* @rohan.padhye.org
* @yannicnoller.bsky.social
* @ruijiemeng.bsky.social and
* LΓ‘szlΓ³ Szekeres (Google)

29.06.2025 07:25 πŸ‘ 21 πŸ” 3 πŸ’¬ 2 πŸ“Œ 0

🚨 Our amazing #FUZZING'25 keynotes are online!

"Constraining Fuzzing without Paying Too Much" by Miryung Kim
youtu.be/L90MBb6NLBE

"Are you sure you belong in academia?" by Will Wilson
youtu.be/qQGuQ_4V6WI

// @mboehme.bsky.social, LΓ‘szlΓ³ Szekeres, @rohan.padhye.org, @ruijiemeng.bsky.social

29.06.2025 07:35 πŸ‘ 11 πŸ” 6 πŸ’¬ 1 πŸ“Œ 0
Preview
srcML Dockerfile srcML Dockerfile. GitHub Gist: instantly share code, notes, and snippets.

srcML Dockerfile... gist.github.com/edmcman/edff...

11.06.2025 22:47 πŸ‘ 0 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
Nova 6.7b - a Hugging Face Space by ejschwartz This application converts assembly code into C source code. Users need to input assembly code and specify the optimization type. The result is the corresponding C source code.

HF space for the Nova neural decompiler: huggingface.co/spaces/ejsch...

29.05.2025 13:12 πŸ‘ 0 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
A walk down the learning curve A walk down the learning curve (and memory lane) Thomas Dullien (β€œHalvar Flake”) Computing Mathematician

A small slide deck for a 15 minute impulse talk at Cycon 2025 in Talinn: docs.google.com/presentation...

28.05.2025 14:43 πŸ‘ 23 πŸ” 9 πŸ’¬ 1 πŸ“Œ 3
Preview
DWARF as a Shared Reverse Engineering Format This blog post introduces a new API in LIEF to create DWARF files

[Blog Post] New high-level API in LIEF that allows the
creation of DWARF files. Additionally, I present two plugins designed to export
program information from Ghidra and BinaryNinja into a DWARF file.

lief.re/blog/2025-05...

(Bonus: DWARF file detailing my reverse engineering work on DroidGuard)

27.05.2025 13:50 πŸ‘ 21 πŸ” 15 πŸ’¬ 1 πŸ“Œ 0
Preview
Self-nomination for the Artifact Evaluation Committee of NDSS 2026 We are looking for members of the Artifact Evaluation Committee (AEC) of NDSS 2026. The Network and Distributed System Security symposium adopts an Artifact Evaluation (AE) process allowing authors t...

All papers should publish their code. Help realize this by becoming an artifact reviewer at NDSS'26, apply here: docs.google.com/forms/d/e/1F...

You'll review artifacts of accepted papers. We especially encourage junior/senior PhD students & PostDocs to help. Distinguished reviews will get awards!

25.05.2025 13:25 πŸ‘ 12 πŸ” 10 πŸ’¬ 0 πŸ“Œ 1
How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation Sean Heelan: > The vulnerability [o3] found is CVE-2025-37899 (fix [here](https://github.com/torvalds/linux/commit/2fc9feff45d92a92cd5f96487655d5be23fb7e2b)), a use-after-free in the handler for the S...

Excited to see my LLM CLI tool used by Sean Heelan to help identify a remote zeroday vulnerability in the Linux kernel!
simonwillison.net/2025/May/24/...

24.05.2025 23:42 πŸ‘ 116 πŸ” 21 πŸ’¬ 3 πŸ“Œ 2
Preview
GitHub - non-ai-licenses/non-ai-licenses: This repository contains software licenses that restrict software from being used in AI training datasets or AI technologies. This repository contains software licenses that restrict software from being used in AI training datasets or AI technologies. - non-ai-licenses/non-ai-licenses

github.com/non-ai-licen...

23.05.2025 13:10 πŸ‘ 4 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0

Artisinal software

There is LLM free licenses though I think

23.05.2025 13:09 πŸ‘ 3 πŸ” 1 πŸ’¬ 1 πŸ“Œ 0
Preview
GitHub - binarly-io/idalib: Idiomatic Rust bindings for the IDA SDK, enabling the development of standalone analysis tools using IDA v9.x’s idalib Idiomatic Rust bindings for the IDA SDK, enabling the development of standalone analysis tools using IDA v9.x’s idalib - binarly-io/idalib

We're are happy to announce a new release of our #Rust bindings for idalib.

What's new:
- New APIs for working with IDBs, segments, and more
- Rust 2024 support
- New homepage: idalib.rs

H/T to our contributors @yeggor.bsky.social & @raptor.infosec.exchange.ap.brid.gy

github.com/binarly-io/i...

21.05.2025 22:28 πŸ‘ 5 πŸ” 9 πŸ’¬ 0 πŸ“Œ 0
A mini symbolic execution engine It has been a while since I blogged last time. One change is that I started to have nightmares about me forgetting to prepare for lecture, rather than forgetting to turn in homework as in the past 20(...

this is still the Best Post about symbolic execution. it uses some cursed python to make a tiny but illustrative symbolic execution engine

kqueue.org/blog/2015/05...

03.05.2025 17:44 πŸ‘ 1 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0