btfparse, a parser for linux kernel debug symbols
A short post on how the BTF type format was born, why I wrote a small parser library for it and where to find it.
[Read More]
Releasing two BPF tools I developed: ebpfpub and ebpfault
I’ve released two new BPF tools written in C++ with LLVM: ebpfault (a system call fault injector) and ebpfpub (a system call tracer).
[Read More]
DisARMing a Raspberry Pi - BSides San Francisco CTF 2017
The diary of a small expedition my old friend Raspberry and I have undertaken, exploring the ARM challenge called ‘disarming’ from the BSides San Francisco CTF 2017.
[Read More]
Solving SmokeStack, from the third Flare-On Challenge
A tour in the depths of the SmokeStack level of the third Flare On Challenge from FireEye. The article also covers the internals of the virtual machine used by the binary, presenting a simple command line disassembler written in C++.
[Read More]