Reverse engineering, OS internals, memory forensics, and low-level security research.https://zx41r.github.io/en-ushttps://zx41r.github.io/posts/c00ked-d3v/https://zx41r.github.io/posts/c00ked-d3v/Full solve for c00ked d3v recovering a scrubbed trail from GHCR layers to a dead host, then from deleted GitHub activity to a staging mirror, DNS TXT dead drop, and the final Gist.Sat, 02 May 2026 00:00:00 GMTnexzeroctfgithubghcrdockerfavicon-hashfofaurlscangithub-apigitlabdnsgistosintforensicshttps://zx41r.github.io/posts/phobos/https://zx41r.github.io/posts/phobos/Deep analysis of Phobos ransomware: encrypted configuration, process termination, persistence mechanisms, and file encryption strategies.Sun, 04 Jan 2026 00:00:00 GMTransomwarephobosida-prox32dbgaes-encryptioncrc32malware-analysisreverse-engineeringhttps://zx41r.github.io/posts/red-stealer/https://zx41r.github.io/posts/red-stealer/Analyze a suspicious executable using VirusTotal and MalwareBazaar to extract IOCs, identify C2 infrastructure, MITRE ATT&CK techniques, and privilege escalation mechanisms.Sat, 03 Jan 2026 00:00:00 GMTvirustotalmalwarebazaarthreatfoxredline-stealeriocmitre-attackc2threat-intelligencemalware-analysishttps://zx41r.github.io/posts/re101/https://zx41r.github.io/posts/re101/Analyze diverse file types including binaries, obfuscated scripts, and corrupted archives using reverse engineering techniques to extract hidden flags.Sat, 03 Jan 2026 00:00:00 GMTbase64jsfuckbrainfuckzip-repairstack-stringsxor-encryptionidaghidrahex-editormalware-analysisreverse-engineeringhttps://zx41r.github.io/posts/ransomed/https://zx41r.github.io/posts/ransomed/Dynamic analysis and memory forensics: stack-strings, API resolution, shellcode and process hollowing.Fri, 02 Jan 2026 00:00:00 GMTprocess-hollowingshellcodex32dbgscdbgidamalware-analysisreverse-engineering