| BGGP6: REVIVING RDOFF PART 1 // A look at nasm's most mysterious object file format | |
| BGGP6 Wireshark Dissector Lua // What is the smallest Wireshark dissector? What's the most annoying Wireshark dissector? | |
| about // about me | |
| BGGP6 Announcement // Announcing the 6th annual Binary Golf Grand Prix: RECYCLE | |
| Phrack 72 // Cover design for Phrack 72 | |
| BGGP5 Wrapped // Recap of 5th annual Binary Golf Grand Prix: Download | |
| tmp.0ut Volume 4 // tmp.0ut 4 is back with some sick papers on linux, elf, rootkits, vx, and more | |
| Phrack 72 CFP // Flyer design for Phrack's 40th Anniversary Issue CFP | |
| impure89 Release // impure ASCII art pack number 89 | |
| Phrack 71 // Cover design for Phrack 71 | |
| Binary Golfing UEFI Applications (REcon 2024) // My REcon talk about golfing self-replicating UEFI applications | |
| BGGP5 Announcement // Announcing the 5th annual Binary Golf Grand Prix: Download | |
| Welcome To My Cool New On-Line Web Site // Hello | |
| Notes // Collection of notes, gists, threads, and other nuggets of info. | |
| BGGP4: A 420 Byte Self-Replicating UEFI App For x64 // My BGGP4 entry | |
| Bad Will b2b DJ XLAT - XMAS MEGA MIX // Stream from a holiday themed DJ set I did | |
| easylkb: Easy Linux Kernel Builder // Build simple Debian based Linux images for testing and debugging. From tmp.0ut Vol 3 | |
| LKM Golf // Creating tiny Linux Kernel Modules. From tmp.0ut Vol. 3 | |
| tmp.0ut Volume 3 // tmp.0ut 3 has 30 papers about Linux malware, exploits, file format hacking, and more. Go read them!! | |
| BGGP4 Results // Results from the 4th annual Binary Golf Grand Prix | |
| Bad Will x DJ XLAT - Live 7/1/23 // Stream from a DJ set I did | |
| BGGP4 Announcement // Announcing the 4th annual Binary Golf Grand Prix: Replicate | |
| netspooky/pdiff2 // A revised version of the pdiff tool | |
| Protocol RE Talk // Slides, notes, and resources from a talk I did on Protocol RE | |
| acble - Apple Continuity Dissector // Wireshark dissector for the Apple BLE Advertising Beacon protocol used by Airpods and other Apple devices | |
| steel injection jungle mix // DJ Set - Jungle | |
| scare - Simple Configurable Assembly REPL and Emulator // A multi-arch assembly REPL and emulator for your command line. | |
| 208 byte aarch64 ELF reverse shell // Playing around with golfing aarch64 | |
| netspooky/hexcalc // A small localhost hex calculator for your browser. | |
| xx File Format // A file format for people who like to write in raw hex and draw pretty pictures. | |
| BGGP3 Results // Results from the 3rd annual Binary Golf Grand Prix | |
| BGGP3: LEMONADE.BIN // BGGP3 entry that DOSes Rizin and Radare2 with SOPHIE lyrics. | |
| tmpout/elfs // A collection of interesting ELF files for inspiration and testing | |
| yxd - Yuu's heX Dumper // A colorful hex dumping tool and library for your command line. Compatible with xxd! | |
| Python3.7+ Multi-arch .pyc dropper // Using binary format handlers to run Python bytecode containing shellcode. | |
| BGGP3 Announcement // Announcing the 3rd annual Binary Golf Grand Prix: Crash | |
| kompaktblk Figlet Font // A small blocky figlet font. | |
| uBLK Figlet Font // A blocky line based figlet font. Used on the BGGP3 announcement. | |
| Wireshark is a lolbin // Tips n' Tricks for Wireshark, running arbitrary Lua scripts and DLLs | |
| Packets Remystified: Broadcast BrujerÃa // Different things you can do with broadcast and multicast protocols + tips on protocol design. | |
| 84 byte aarch64 ELF // A tiny ELF for 64 bit ARM, diagram and source. From tmp.0ut Vol. 2 | |
| BGGP2 Wrap Up // A write up about BGGP2: Polyglot. From tmp.0ut Vol 2 | |
| Elf Binary Mangling Pt. 4: Limit Break // An 82 byte ET_EXEC ELF for x86_64. From tmp.0ut Vol 2 | |
| Some ELF Parser Bugs // A whole bunch of bugs in different ELF parsers. From tmp.0ut Vol. 2 | |
| An ELF Palindrome for AMD64 // From PoC||GTFO 21. An updated version of the writeup for my BGGP2020 entry. | |
| netspooky/importsort // A python tool to group imports from multiple Windows Binaries. | |
| BGB Emulator Link Cable Protocol Dissector // A dissector for the TCP based link cable protocol used in the BGB emulator. | |
| koholint Figlet Font // Based on the Links Awakening Font | |
| six-fo Figlet Font // Based on the Nintendo 64 DD BIOS Font | |
| BGGP2 Results // Detailed analysis of entries for the 2021 Binary Golf Grand Prix. | |
| ns.bggp2021.asm // PE/PDF/JS Polyglot for BGGP2. 487 bytes. | |
| PGStats Dissector // A dissector for the internal postgres stats protocol. | |
| ELF Binary Mangling Series // A blog series about making super small ELFs | |
| netspooky/kimagure // Windows Shellcode and TinyPE generator tool. | |
| BGGP2 Announcement // Announcing the 2nd annual Binary Golf Grand Prix: Polyglot | |
| In-Memory Kernel Module Loading // tmp.0ut 1.9 - Article about loading LKMs in memory from a remote source. | |
| Encoding Mutations: A Base64 Case Study // Writeup about (ab)using base64 implementations | |
| Linux.Precinct3.asm // A Linux Based Data Destruction Tool for authorized users only. From tmp.0ut Vol 1 | |
| BGGP1 Results Stream // Video covering the results from the first BGGP. | |
| Palindromic 64 bit ELF binaries // Entry for BGGP2020. A small ELF that executes the same backwards as it does forwards. | |
| Hella Booters Talk (Defcon 28 IoT Village) // I discuss IoT Botnets, the botnet scene, and IoT security. | |
| netspooky/pdiff // A revised version of the pdiff tool | |
| BGGP1 Announcement // Announcing the 1st annual Binary Golf Grand Prix: Palindrome | |
| Adventures in Binary Golf (AirGap2020) // A talk about the theory and practice of binary golf. From AirGap2020. | |
| Exotic Mirai Targets // Examination of Mirai binaries that target lesser known CPU architectures. | |
| Modern PE Mangling // Creating tiny Windows executables for Windows 10. | |
| Intro to Firmware Analysis (PancakesCon2020) // Notes from my talk about analyzing firmware at PancakesCon 2020. | |
| Intro To Assembly Optimization // A stream covering the basics of doing x86 assembly optimization and binary golf. | |
| threatland/TL-BOTS // A curated collection of source code for various botnets. | |
| netspooky/inhale // A malware static analysis and classification tool. | |
| threatland/TL-TROJAN // A curated collection of source code for various RATs, stealers and other trojans. | |
| Cisco SMI: Still Tippin' // Discussion of the current state of attacks on switches using Cisco Smart Install. | |
| threatland/TL-FRAUD // A curated collection of fraud related tools for research. | |
| netspooky/jloot // JIRA Secure Attachment Looter. Dump files via IDOR in self-hosted JIRA. | |
| jinn's Puzzle // A curious puzzle | |
| x86 Bootloaders // Short tutorial on writing x86 bootloaders | |
| Cheatsheets // Various cheatsheets |
Netspooky's Blog
//