Squeeeee 🥳 I'll be teaching my Advanced Linux Malware Reverse Engineering class at RE//verse conference in 2026!! MORE Linux APT insides and peculiarities😍🥰🤩Pls share if you can🙃 shop.binary.ninja/products/re-...

D3 viz of Symbiote malware call graph created with @binaryninja.bsky.social. Interactive, and makes pewpew sounds. The pewpew sounds are naturally the most important analysis feature, duh. Code going public soon.

I feel you buddy, I feel you

Seattle, @blackhoodie.bsky.social is coming to town! Thanks to IOActive we're hosting 2 days of trainings for women by women on Nov 14 & 15, brought to you by @barbieauglend.bsky.social Bhavna Supriya and Hanne! blackhoodie.re/Seattle2025/

We're on a roll 😱 Thanks to IOActive we're hosting 4 trainings in Seattle Nov 14-15! Registration is now open

Y'all fantastic news! Save the date, @blackhoodie.bsky.social will be at @districtcon.bsky.social this year 😱 the fantastic crew has offered to host us for a day of Malware Reverse Engineering! @synapticrewrite.bsky.social and myself will be hosting a training for women by women on January 23rd!!

Huge thank you to @hexacon.bsky.social for hosting BlackHoodie, to our trainers Paula, @naehrdine.bsky.social and @allthingsliquid.bsky.social, and much love to Caro for pulling it all together ❤️❤️❤️ the trainings were a huge success, now have a fun conference everyone!

Wheeeee the fine folk of @bsidespdx.bsky.social will have @blackhoodie.bsky.social back this year, with a training about microarchitectural security by the one and only @barbieauglend.bsky.social blackhoodie.re/BSidesPDX2025/

Dearest folks from @bsidespdx.bsky.social are hosting @blackhoodie.bsky.social again this year! Come spend a day with me and CPU bugs :) 🐞 blackhoodie.re/BSidesPDX2025/

Bf found me a gluten free French croissant and im so smitten 🥐

Uh juicy, Lockbit has a new variant 😱😱😱 I cannot WAIT to dig into this www.trendmicro.com/en_us/resear...

Does anyone have BRICKSTORM hashes they can share, other than the two in the Mandiant blog? Or low and behold, samples? 🥹🥹🥹

Boom, the future is here. BRICKSTORM comes with Java servlets, a SOCKS proxy, Go malware, PowerShell scripts, JSP webshells, info stealers, and probs stuff I've missed. Forget Linux or Windows malware, the age of whatever-runs, wherever-it-runs malware has arrived! cloud.google.com/blog/topics/...

Lol ok the callgraph now makes pewpew when I click on a node, and Claude calls it a satisfying "pew" 😂

I vibecoded me a project today that I had on the backburner for a while, callgraph extraction with IDAPython and D3 force-directed graph vis. Did it work out of the box? No Claude made some hilarious mistakes. Was it faster than just me? For sure. Is it useful? Not yet. Fun? Yup.

Candid question. Does burnout ever really go away?

Jetlag make ADD go boom. That also means, proper sleep make executive function go boom! Follow me for more armchair health advice.

@blackhoodie.bsky.social at @sec-t.bsky.social was a blast, a full room of curious students. What a wonderful experience, and now on to the conference!

Huge thanks to the @hexacon.bsky.social team for bringing BlackHoodie to Paris! A free 4-day security workshop for women by women, Oct 6-9. So grateful for our amazing trainers sharing their knowledge: Sonia (Linux Forensics) Paula (Web/Mobile Sec) & Jiska (iOS Hacking)! blackhoodie.re/Hexacon2025/

Here we go again 🙄 we have written an open letter detailing how incredibly misguided is the ChatControl proposal: csa-scientist-open-letter.org/Sep2025

I'm omw to Stockholm for @blackhoodie.bsky.social at @sec-t.bsky.social conference 🥳🥰😱

OH: if vaccines caused autism, we’d have way more trains in the United States

And how is your burnout coming along? Acquired that goat farm yet?

I'm once again looking at the epic 20-part essay which Ian Lance Taylor wrote about linkers lwn.net/Articles/276... - did anyone ever write anything remotely comparable about the MSVC linker? Like, very remotely even?

I've asked this before but seriously, what IS it these days with ransomware shipping with help menus and writing log files..?

Serious Windows XP background image vibes here in New Hampshire

And we did it! We ran 200 miles from Mt Hood to Seaside during a heatwave. That's after Blackhat, Defcon, and a week of moving houses. And, good morning Boston! Im omw to Dartmouth college 🤓🤓🤓

Phrack turns 40. The digital drop is live. Download it. Archive it. Pass it on. 💾 www.phrack.org #phrackat40 #phrack72

I got mugshots done so I can finally look my age in biopics. Hi, I've been a reverse engineer for a long time, and these days I take ransomware apart for blood sports.

I'm captain of a Hood to Coast team again, and 12 of us are running 200 miles this weekend or 11 cause one guy had to drop today. Ask me where my cortisol is at but luckily the team figured it out and we're still on and the leadership qualities of those folk blow my mind 🗻🏃‍♂️🏃‍♀️

@bsidespdx.bsky.social is happening on Oct 24 & 25 in, you guessed it, Portland! The call for paper is open for another few weeks, send us your best stuff!! bsidespdx.org

At long last - Phrack 72 has been released online for your reading pleasure! Check it out: phrack.org

I reverse engineered Lockbit's Linux ESXi variant, also explaining how I did some of the steps! For the fun of it, cause reverse engineering is lots of fun. Enjoy! hackandcheese.com/posts/blog1_...

@blackhoodie.bsky.social will be at @sec-t.bsky.social on September 10th with a training on Linux Malware Reverse Engineering, for women by women! We have very few seats left 😁 blackhoodie.re/SecT2025/

Come hang out with Jos Wetzels and myself at 11.20am at Lagoon G level 2 to chat about reverse engineering and meet fellow REs!

DEFCON has banned Eric Michaud. You need to be an exceptionally toxic sleazebag to get banned from DEFCON. There are literally only 4 other names on the list: John Draper, Jake Appelbaum, Morgan Marquis-Boire, and Chris Hadnagy. defcon.org/html/links/d...

Going to BlackHat next week and passionate about reverse engineering? Or, wanting to be? Come hang out with Jos Wetzels and I on the 7th at 11.20am to chat about projects, books and tools you really enjoy, let us know if you're hiring or looking for a job in reverse engineering!

@blackhoodie.bsky.social will be back at @hexacon.bsky.social this year, and we're currently looking for former BlackHoodies who would be willing to give a training, between Oct 6 and 9! blackhoodie.re/Hexacon2025/

Sunset over Mt Hood national forest this last weekend!

Odd, but what an error screen!

Just chatted with a friend who works at a big corp, who got called a dog in a 1:1 with their manager today. I dont know what this industry is anymore. What should they do in such situation if afraid of retaliation?

man pthread_create is a perfectly well formed search engine query

And what do we do when we're upset with the world? That's right, we buy more books.

What is it with ransomware these days shipping with help menus?

Recon conference was a blast, and I had the opportunity to deliver my first training at an industry conference! The class went well, students were very engaged and I got good feedback. Will I do this again? Hot maybe, I had a lot of fun 😁

Noooooooooooooooo Microsoft 😭 80.lv/articles/mic...

No. No, they won’t. This attributes agency and choice to LLMs, which they conspicuously don’t have. They will put together text that responds to context, and since lots of human text in certain contexts resorts to deception and blackmail, their text will also do so.

One of my burnout recovery activities is paint night with friends every week. Here's last Monday's friendly monster. I've come to obsess over painting silly things.

Like I've said before, if you have any doubts about climate change, just go to a super-boring insurance conference and listen to the super-boring panels where they dryly talk about the growing threat of disasters so catastrophic and unpredictable in scope they simply cannot be insured at any price.