Ring Zero Labs

Are you interested in reverse engineering and software security b...

Setting up a malware analysis lab is often the biggest hurdle for...

The Computer Fraud and Abuse Act (CFAA) has long been a source o...

Understanding why a system fails is a core skill for any research...

Intercepting HTTPS traffic is a critical step in mobile malware a...

Looking to start a career in Malware Analysis, Reverse Engineerin...

VBA Macros remain a dominant attack vector. Today, we perform a d...

While most malware is written in C/C++ or Assembly, there is a gr...

Ever lost control of a program before your debugger could even pa...

How do you get started in Malware Analysis? First, you need a saf...

Today we look at how to generically unpack ransomware utilizing m...

[*] ACQUIRING RABBIT [*] GEO SEQUENCE I...

Today's video covers how to analyze CVE 2017-11882 : the Micr...

The ever-growing Internet of Things (IoT) brings a new wave of ma...

Metasploit is the most prevalent exploit framework in the world t...

Today we demonstrate how to reverse engineer 3rd party APKs, what...

Malware authors are implementing malicious link files into their ...

Today we demonstrate how to quickly triage a malicious Word docum...

Today we show how to quickly triage Java JAR files and how to esc...

Today we analyze a classic SMB worm that leverages GMAIL for Comm...

Today we analyze a seemingly normal PDF Phishing campaign but it ...

Today we analyze a malicious HTML document that claims the user m...

How do you get started in Malware Analysis? First, you need an an...

Today we analyze a malicious, VBA Enabled Word Document. The auth...

Today we analyze a piece of malware that calls itself Choda Ranso...

Today we examine a quick malware analysis "life hack" t...

Today we analyze a variant of "Scareware" that poses as...

Today we demonstrate what a packer is, why it might be used, and ...

Today we demonstrate how to quickly analyze a suspicious PDF file...

Phishing remains one of the most pervasive threats to end-users. ...

Fsociety is a Monero (XMR) miner that uses multiple layers of tri...

With so many free security products on the market, it is hard to ...

Interested in exploit development or reverse engineering? Underst...

Svchost.js is a malicious, obfuscated JavaScript dropper respons...

GecisKodu.exe is a "Crack Me" challenge written in Tur...

DOC00039217.doc is a malicious Word document that utilizes VBA m...

FidRW.exe is a multi-stage demonstration binary designed for sec...

CVE-2017-0199 exploits a logical "Link Type" confusion...

OO.exe is a Remote Access Trojan (RAT) belonging to the Bladabin...

ElmersGlue is a ransomware application designed to "lock...