#malware-analysis
Read more stories on Hashnode
Articles with this tag
AI-Assisted Reversing Engineering in 2026 · Recently, I discovered this IDAPro plugin called Gepetto [1]. It connects IDA to LLMs and assists in...
Recently, I’ve been reversing this first-stage that dynamically loads a copy of ntdll.dll in order to hide malicious behavior from Sandboxes and EDRs....
![[Tool] Messing Around with Gepetto](https://cdn.hashnode.com/res/hashnode/image/upload/v1767142238902/4dd6591e-4631-4ad3-9204-d567d5a06435.jpeg?w=1600&h=840&fit=crop&crop=entropy&auto=compress,format&format=webp)
![[Tool] Quick Snip to Detect ntdll.dll](https://cdn.hashnode.com/res/hashnode/image/upload/v1767128393992/4d706808-86ae-40d2-b1fc-cabbcdf0fccb.jpeg?w=1600&h=840&fit=crop&crop=entropy&auto=compress,format&format=webp)