This is my curated list of videos I’ve watched, organized by date with summaries and keywords for easy reference.
Looking for articles? Check out my Reading list.
Great sources
A list of great sources for videos and talks.
Videos (81)
UPGRADING a MacBook Neo using iPhone Parts
This video demonstrates upgrading a MacBook Neo's soldered 256GB storage to a 1TB NAND chip sourced from an iPhone 16 Pro.
How does Lockdown Mode keep your iPhone safe?
iOS's Lockdown Mode significantly bolsters security by restricting key attack vectors like Safari and iMessage. It disables JavaScript optimization and limits browser features, making exploits targeting these areas much harder.
- iOS Security
- Hardening
Why do hackers love JavaScript arrays? (Coruna Spyware Analysis)
Attackers exploit JavaScript array vulnerabilities to achieve memory read and write capabilities within the browser renderer process. By leveraging the structure of these arrays, particularly the butterfly pointer, they can forge fake objects and manipulate memory access. This technique allows the exploit to bypass security restrictions and potentially lead to further attacks like native code execution.
- Mobile Security
- Software Exploits
- JavaScript
- iOS
Malicious JavaScript found in the wild. How does it work?
This analysis examines an obfuscated JavaScript exploit targeting iOS Safari, part of the sophisticated Coruna spyware chain. The exploit leverages a JIT compilation bug to bypass bounds checks, enabling out-of-bounds array access. By manipulating the JIT compiler and exploiting heap structures, the malware achieves code execution.
- Mobile Security
- Software Exploits
- JavaScript
- iOS
RE//verse 2026: Hacking the Xbox One
This talk details the successful hacking of the Xbox One's boot ROM. Researchers employed hardware fault injection techniques, including voltage glitching and side-channel analysis, to bypass multiple security layers and achieve code execution.
- Hardware Security
- Console Hacking
- Fault Injection
The Internet Was Weeks Away From Disaster and No One Knew
A near-disaster was narrowly avoided when a sophisticated backdoor was discovered in the XZ compression library, a critical component of the Linux ecosystem. This vulnerability, meticulously crafted over two and a half years, could have granted unauthorized access to nearly any computer using OpenSSH, potentially compromising millions of systems worldwide.
- Supply Chain Security
- Linux
- OpenSSH
Why Talking to This Character Crashes the Game
An old RPG called Venetica crashes consistently when interacting with a specific character during dialogue, despite functioning properly elsewhere. Reverse engineering revealed the issue stemmed from an improperly configured camera transition, specifically a double pop operation that left a critical value uninitialized. The fix involved modifying a shared data file to correct the corrupted data.
- Game Hacking
- Reverse Engineering
- Debugging
How Apple Hooks Entire Frameworks
This video explores the intricate process behind a developer tool that hooks and swizzles methods across entire iOS frameworks, demonstrating how to dynamically intercept and modify method calls. The tutorial dives into memory remapping techniques, leveraging relative and absolute addressing to create self-replicating trampolines.
- iOS Security
- Reverse Engineering
- Hooking
Doom on a cooking pot... Let's hack the "Smart" Krups Cook4Me
This video details the process of reverse engineering a smart cooking pot, specifically the Krups Cook4Me, to run the video game Doom on its touchscreen interface. The device was disassembled to identify key components, including an ESP32 Wi-Fi module, an STM32 microcontroller, and a Renesas R7S72103 (or similar) main processor. Firmware was dumped, and the system was modified to support the game, resulting in a functional Doom experience running on the cooking pot's display and touch controls.
- IoT Security
- Embedded Systems
- Reverse Engineering
How To Hack A Denuvo Game
This video explores the inner workings of Denuvo DRM by analyzing its hardware-based checks in Formula 1 2016, a game using an early version of the system. The process involves bypassing Denuvo's token validation by reverse-engineering its virtualization layer (VMP2), patching CPU ID checks, and intercepting hardware ID reads to spoof system-specific data. The project highlights the complexity of Denuvo's anti-tamper mechanisms and the technical hurdles of reverse engineering obfuscated code.
- Game Hacking
- DRM Bypass
- Reverse Engineering
- Denuvo
Chinese GPS Tracker Hacking: Spoofing Location Data
This video demonstrates the vulnerability of a common Chinese GPS tracker, the GL 320 MG. The analysis reveals that the device transmits location data over cellular networks. By using a logic analyzer, the specific UART communication channel (PA2 and PA3) and baud rate (115200) are identified.
- IoT Security
- Hardware Security
- UART
39C3 - Hacking washing machines
This talk explores the security and accessibility of household appliances like washing machines, dryers, and dishwashers. Speakers demonstrate how to access internal components and discuss proprietary diagnostic tools like the MA Diagnostic Utility (MDU), which requires special hardware. The optical interface, present on many appliances, is analyzed for its UART communication protocol.
- IoT Security
- Hardware Security
- UART
39C3 - All my Deutschlandtickets gone: Fraud at an industrial scale
This presentation investigates a widespread fraud in Germany's train ticket system, specifically targeting Deutsche Bahn tickets. Researchers discovered that tickets could be purchased cheaply using fake SEPA direct debit information, which bypasses immediate payment verification. The system only checks the payment validity days later, allowing fraudulent tickets to be issued before potential revocation.
- Cybersecurity
- Fraud
- Public Transport
39C3 - Breaking architecture barriers: Running x86 games and apps on ARM
The speaker discusses the challenge of running x86 software, such as games and applications, on ARM-based systems. This issue arises because many popular software titles are compiled for x86 architectures and are not easily adaptable to ARM platforms, despite the growing prevalence of ARM in devices like laptops and tablets. The solution presented is the FEX emulator, which tackles this problem by dynamically translating x86 instructions into ARM-compatible code at runtime. FEX employs a binary recompiler that translates x86 assembly instructions into ARM instructions, using an intermediate representation to optimize performance and minimize overhead.
- Emulation
- System Architecture
- Binary Recompilation
Hacking the Freebox HD Set-Top Box
A security researcher details their journey hacking Free's Freebox HD set-top box from 2006 to restore disabled FTP download functionality. The exploit chain began with a buffer overflow vulnerability in PrBoom's save file handling, allowing arbitrary code execution. This was followed by discovering a stack-based overflow in the Linux kernel's HFS Plus filesystem driver to achieve privilege escalation. With root access obtained, the researcher bypassed the chroot jail, modified PVR configuration files to re-enable recording downloads, and explored the device's architecture, including its IPsec networking, SSH access controls, and custom HTTP RPC interface.
- IoT Security
- Buffer Overflow
- Privilege Escalation
39C3 - A Tale of Two Leaks: How Hackers Breached the Great Firewall of China
This talk explores a research project called 'WalledGardenLeaks,' which uncovered how the Great Firewall's DNS injectors can leak vast amounts of unfiltered internal network traffic. The researchers discovered that querying blocked domains in China could return responses containing leaked data from Injector 3, including internal network protocols like SSDP and UPnP, as well as user credentials. By sending millions of probes, they collected over 5 billion leaked packets, revealing sensitive information and internal management traffic.
- Network Analysis
- Cybersecurity
How to Reverse Engineer ANY remote for Homeassistant
This video details the process of reverse engineering a sub-gigahertz remote for a smart fireplace to integrate it with Home Assistant. The creator initially struggled with tools like the Flipper Zero but found success using an SDR (Software Defined Radio) and the URH (Universal Radio Hacker) software. Key steps include identifying the remote's frequency and modulation, capturing and splitting signal segments, analyzing the data structure, and generating a replayable signal.
- IoT Security
- SDR
- Reverse Engineering
Reverse Engineering a WhatsApp 0-click Vulnerability
This video examines a vulnerability in iOS's image processing logic, specifically within the raw camera library used by applications like WhatsApp. The vulnerability was found to be exploited in the wild as a zero-click exploit, one that allows remote code execution on vulnerable iPhones without any user interaction, combining a flaw in WhatsApp that triggers image processing with a memory corruption issue in the DNG image format handler. The root cause was identified as a mishandled condition in the decoding logic, where incorrect image format parameters led to excessive looping and out-of-bounds memory writes.
- Mobile Security
- Software Exploits
- iOS
First Look at SuperBox Internet Traffic - Cleartext Data Everywhere
This video analyzes network traffic from the SuperBox Android set-top box, revealing that most communication uses unencrypted HTTP despite some TLS usage. The analysis exposes hardcoded lookups and clear-text data transmission for content distribution, raising security and privacy concerns.
- IoT Security
- Network Analysis
Reversing Malware with AI - SuperBox S6 Pro App Store Analysis
This video demonstrates using AI tools to reverse engineer and analyze the SuperBox S6 Pro app for malware. The process involves decompiling the APK with APKTool and Jadx, revealing excessive permissions, hardcoded URLs, and suspicious behavior.
- Malware Analysis
- IoT Security
- Reverse Engineering
Is This Malware? - Rooting the SuperBox S6 Pro
This video demonstrates gaining root access to the SuperBox S6 Pro Android TV box to investigate potential malware. The process involves hardware hacking techniques including opening the device, locating the UART debug port, and using a logic analyzer to dump the firmware for security analysis.
- IoT Security
- Hardware Security
- Malware Analysis
Remote Takeover of Chinese IP Camera - IoT Pentesting Basics
This video demonstrates a vulnerability in a Chinese IP camera allowing remote takeover without authentication. The researcher found that certain ONVIF API endpoints, which should require authentication, are accessible without credentials. A custom tool, ONVIF Scan, was used to identify these insecure endpoints.
- IoT Security
- Pentesting
Chinese IP Camera Firmware Extraction - IoT Pentesting Basics
This video demonstrates the process of extracting firmware from a Chinese IP camera's flash chip using an XGecu reader. After identifying the flash chip model, the firmware is successfully read and analyzed using binwalk, revealing a writable JFFS2 file system, a read-only squashfs file system, and a Linux kernel binary. During the analysis, a hardcoded password hash is discovered, and a vulnerable version of mini_httpd is identified with a buffer overflow vulnerability that could lead to memory disclosure.
- IoT Security
- Firmware Analysis
- Hardware Security
Is Fast Charging Killing the Battery? A 2-Year Test on 40 Phones
A 2-year experiment testing fast vs. slow charging on 40+ smartphones found minimal difference in battery degradation (around 0.5%). Keeping batteries between 30-80% helps slightly reduce wear. Modern batteries age slowly, with performance issues only appearing below 85-80% health.
- Electronics
- Battery Technology
IoT Pentesting Basics - Root Shell via Hardware Debug Interfaces
This video demonstrates the fundamentals of IoT pentesting by obtaining root access via hardware interfaces. Starting with physical disassembly of an overseas IP camera, the presenter identifies a UART interface using specialized tools. By connecting to this interface, a root shell is gained, revealing hardcoded credentials and bootloader vulnerabilities.
- IoT Security
- Hardware Security
- UART
#OBTS v8.0: "Dylib Hijacking on macOS: Dead or Alive?" - Patrick Wardle
This talk explores dynamic library hijacking on macOS, explaining how attackers can inject malicious code by replacing legitimate libraries through exploiting load commands and runpath directories. It covers the attack methodology, Apple's security mitigations, and the historical evolution of protections against this threat.
- macOS Security
- Reverse Engineering
- Injection
Reversing Bluetooth Packets for Smart Home Device Freedom
This video demonstrates how to reverse engineer Bluetooth packets for smart home devices. It covers using developer options on Android devices to capture Bluetooth traffic via HCI snoop logs, extracting and analyzing these logs in Wireshark with specific filters like BTLE to isolate low energy packets, and understanding how devices communicate. The practical goal is crafting custom packets to send commands like turning devices on or off, achieved through Python scripting.
- IoT Security
- Bluetooth
- Network Analysis
Hacking Unity Games For Fun And Profit
This video explores reverse engineering and hacking a Unity game to modify gameplay. It demonstrates techniques such as using reflection to access game data, DLL hijacking to inject custom code, and hooking into the game's rendering engine to alter visuals. The process involves decompiling Unity's C# code, identifying key game mechanics like power-ups and slot machines, and overcoming debugging challenges.
- Game Hacking
- Reverse Engineering
- Unity
DEF CON 33 - Playing Dirty w/o Cheating - Getting Banned for Fun - S Collins, M Muench, T Chothia
Researchers explored various methods to get banned in games without cheating, such as memory injection and kernel-level exploits, highlighting how modern anti-cheat systems can be bypassed or trigger bans through legitimate actions. They also demonstrated techniques to ban others by spoofing hardware IDs or using malicious software, emphasizing the real-world implications for game security and user accounts. The talk concluded that while some anti-cheat systems are resilient, creative approaches can still effectively circumvent them.
- Game Hacking
- Anti-Cheat
- Software Exploits
Reverse Engineering Denuvo in Hogwarts Legacy
This talk explores the reverse engineering of Denuvo's anti-tamper protection in Hogwarts Legacy. It explains that Denuvo protects game licenses rather than preventing copying, using unique hardware fingerprints and runtime validation. The presenter details their bypass technique involving thousands of hooks to simulate valid fingerprints from another PC, resulting in a stable but patched game. The analysis shows minimal performance impact during gameplay but significant during transitions.
- Game Hacking
- DRM Bypass
- Reverse Engineering
- Denuvo
This Obscure Game Was Broken - Then I Fixed It
This video details the process of debugging and fixing a crashing issue in the 2006 point-and-click adventure game Keepsake. The issue involved memory corruption during gameplay, particularly when navigating through specific areas. The creator used debugging tools to analyze the problem, identified the root cause in a pathfinding algorithm, and implemented a binary patch to resolve the crashes.
- Game Hacking
- Reverse Engineering
- Debugging
Hacking DRM To Save An Old Game
This video explores the process of analyzing and bypassing the DRM protection in the old racing game, Michelin Rally Masters. The creator discovers the game uses a custom library called RLM32.dll to obfuscate Windows API calls, making debugging difficult. By using hardware breakpoints, they find a way to intercept and resolve these obfuscated calls without triggering the game's anti-debugging checks.
- Game Hacking
- DRM Bypass
- Reverse Engineering
This Game Was Dead Forever - Then I Hacked It
This video explores the challenges of preserving and running old games, using the example of Discworld Noir, which has compatibility issues with modern systems due to outdated DRM and obfuscation techniques. The creator employs reverse engineering tools, debuggers, and decompilers to bypass these barriers, including patching anti-debug checks and creating emulated drivers to enable gameplay.
- Game Hacking
- DRM Bypass
- Reverse Engineering
ASUS ROG Ally 32GB RAM Upgrade
This video shows upgrading the ASUS ROG Ally from 16GB to 32GB RAM by desoldering the original Micron chips and installing Samsung K3L KC0BM chips. The process requires specialized soldering tools and careful motherboard work.
- Electronics Repair
- Soldering
- Hardware Modding
This Game Broke On Windows 11 - So I Fixed it
An analysis of why an old real-time strategy game fails to start on Windows 11, focusing on a specific DLL loading issue. The game, released in 1998, gets stuck during initialization due to a bug in how Windows 11 handles DLL initialization threads, leading to a deadlock. The solution involved replacing the game's outdated draw.dll with a compatibility library that resolves the threading conflict.
- Game Hacking
- Reverse Engineering
- Compatibility
Apple's Widget Backdoor
Apple intentionally included a private API within its widget system to support smooth animations in its own Clock app, despite previously restricting such features for third-party developers. This creates an uneven playing field, allowing Apple apps to bypass standard limitations. Developers have found workarounds, primarily using the built-in timer component with custom fonts to create animations, though achieving high frame rates remains challenging.
- iOS Security
- Reverse Engineering
How Windows 11 Triggered A 25 Year Old Bug
A Windows 11 update caused crashes in the Alpha Centauri expansion 'Alien Crossfire' due to undefined behavior in the game code. The issue arises from the game relying on uninitialized stack memory, which was previously harmless due to a specific stack state. The update altered this state, leading to a crash. The problem stems from the game code rather than Windows itself. Solutions include a community mod or applying a patch to preserve the old behavior.
- Game Hacking
- Reverse Engineering
Repairing a DRILLED M1 MacBook Air
This video shows repairing a MacBook Air with a drilled M1 chip. The damage was too severe for chip reballing, requiring a full board swap by transferring the SOC from a compatible donor Mac.
- Electronics Repair
- Soldering
- Hardware Modding
DRM Broke This Game - So I Hacked It
This video explores the challenges of playing an old James Bond game due to its restrictive DRM. The creator attempts to bypass the activation system through various methods, including reverse engineering the key validation process. The game's reliance on outdated DRM, specifically SafeDisc, prevents it from running on modern operating systems, highlighting compatibility issues with legacy software.
- Game Hacking
- DRM Bypass
- Reverse Engineering
Detailed anatomy of the main components of a PC (motherboard, graphics card, RAM, SSD, HDD)
The video provides a detailed breakdown of key PC components such as the motherboard, graphics card, RAM, SSD, and HDD, emphasizing their electronic functions and interactions.
- Hardware
- PC Components
Hacking a Microprocessor - Reverse Engineer shows you how it's done
This video demonstrates a reverse engineering process focused on uncovering a vulnerability in a microcontroller that allows unauthorized access to its memory. Using specialized hardware like oscilloscopes and the ChipWhisperer-Husky, the presenter analyzes power consumption and signal timing to identify a fault injection point. The vulnerability, described as a zero-day issue, arises from how the chip handles power cycles versus simple resets, enabling an attacker to manipulate the chip's behavior.
- Hardware Security
- Microcontroller
- Fault Injection
This Image Is Secretly A Game
This video explores the possibility of embedding a complete 3D game into a YouTube thumbnail image. The creator demonstrates how to compress game code and assets using techniques like procedural generation, compiler optimizations, and efficient OpenGL rendering. Starting from a basic 'hello world' example, the video shows how to progressively build a small FPS game within the 2MB PNG size limit, using simplified math functions, procedural textures, and instanced rendering to minimize file size. The result is a functional, albeit minimalistic, game rendered entirely through the image.
- Game Hacking
- Reverse Engineering
- Steganography
How I Beat NES Mario in 0.000005 Seconds
This video demonstrates "Intercycle Cart Swapping", a technique that swaps NES cartridges between CPU cycles to manipulate the program counter. By swapping cartridges at precise moments during instruction execution, the video shows how to redirect the CPU to jump directly to Super Mario Bros. 3's victory screen, completing the game in just 5 microseconds from reset.
- Game Hacking
- Hardware Security
I Hacked "A Bugs Life" Game - It Was Weird
This video details the process of reverse engineering and modifying an old, obscure game called 'A Bug's Life'. The author discovers a peculiar installer that triggers an unexpected error, leading to a patching exercise. The game was designed to require a physical disc, but the author bypasses this by patching the executable to ignore a specific check and hooking a function to load files from a local drive instead of the CD. The game's manual contains unusual warnings about epilepsy and screen distance. The reverse engineering reveals a logging function that helps understand the game's runtime behavior.
- Game Hacking
- Reverse Engineering
Debugging An Undebuggable App
This video explores how to debug iOS apps that implement strong protections against debugging, such as PT_DENY_ATTACH. It explains how PT_DENY_ATTACH works by exiting an app if a debugger is attached, and demonstrates two methods to bypass it. The first approach involves setting a breakpoint before the PT_DENY_ATTACH call in a simulator environment. The second, more advanced method, uses direct kernel-level system calls via inline assembly to replicate the same functionality without invoking the private API directly.
- iOS Security
- Reverse Engineering
- Anti-Debugging
Hacking This Terrible DRM
This video explores the challenges of running an old video game blocked by DRM. The user initially tries a standard crack but finds it ineffective due to the game's anti-debugging and obfuscation techniques. Using a debugger (x64dbg), he intercepted the game's error message related to missing CD requirements and traced the issue back to a SecuROM DRM component. Further analysis reveals the game's executable is encrypted with a key stored on the original CD. The user then attempts to dump the executable and faces obfuscation designed to prevent analysis. To bypass the DRM, he developed a custom 32-bit debugger tool that automates the process of identifying and patching out the DRM checks by modifying function calls in memory.
- Game Hacking
- DRM Bypass
- Reverse Engineering
Hacking An Obscure Game From 2000 To Run On Windows 11
This video details the process of making an obscure 2000 game compatible with modern Windows systems, primarily Windows 11. Initial attempts resulted in a blank screen or crashes. The approach involved using a VM for safety, debugging tools to identify issues, and specialized software like CFF Explorer and IDA to analyze the game's executable. Key techniques included modifying section permissions, hooking DirectDraw functions via code caves or manipulating the Import Address Table (IAT), and adjusting window creation parameters.
- Game Hacking
- Reverse Engineering
- Compatibility
r2con2024 - day 2 - A Hitchhikers Guide for Unity: Reversing iOS games - murphy
This talk explores the process of reverse engineering Unity-based iOS games, detailing how Unity compiles C# code into C++ within its framework and uses metadata files like global-metadata.dat. The presenter demonstrates how tools like r2 and Frida can leverage this metadata to symbolicate code, debug gameplay mechanics, and even modify game behavior in memory for personal enhancement.
- Game Hacking
- iOS Security
- Reverse Engineering
- Unity
UPGRADING a Brand NEW M4 Mac mini
This video demonstrates upgrading the base M4 Mac mini's storage from 256GB to a larger capacity. The process involves disassembling the device and replacing the removable SSD modules, similar to the Mac Studio. The video includes benchmark tests showing the base model's performance with 16GB RAM.
- Electronics Repair
- Hardware Modding
EA Won't Sell This Game - So I Hacked It
This video details reverse engineering The Sims 2 to bypass its obsolete CD key validation. Using a debugger, the creator analyzes the key verification algorithm, overcomes anti-debugging protections, and replicates the validation logic in C++ to generate working keys, enabling the game to run on modern systems.
- Game Hacking
- DRM Bypass
- Reverse Engineering
DEF CON 32 - Inside the FBI's Secret Encrypted Phone Company `Anom` - Joseph Cox
Joseph Cox details the FBI's secret operation, Anom, which created and secretly managed encrypted phones to monitor criminal communications worldwide. The phones featured backdoors allowing FBI surveillance, were used by drug cartels and other criminals, and involved a complex global infrastructure.
- Cybersecurity
- Law Enforcement
- OpSec
EA Won't Sell This Game - So I Hacked It
This video details the process of running an outdated game, The Sims 2, which no longer receives support from its publisher. The journey begins with acquiring a CD rip of the game, but the installer requires a unique key that is not available. The creator uses a debugger to reverse engineer the key validation system, discovering a complex algorithm involving multiple transformations and checksums. After successfully replicating the key generation algorithm in C++, the focus shifts to bypassing the game's anti-debugging measures and a mysterious runtime unpacking mechanism.
- Game Hacking
- DRM Bypass
- Reverse Engineering
I Hacked Diablo II To Use Modern Graphics
This video explores the process of modifying Diablo II, a game originally released in 1999, to render with modern graphics APIs. The core challenge involves reverse engineering the game's reliance on the Glide API, an older graphics interface not supported by modern hardware. The creator achieves this by creating a Glide emulation layer that translates the game's API calls into Vulkan, a modern graphics API. The process involves debugging, understanding API specifications, and handling specific game mechanics like texture loading and rendering commands.
- Game Hacking
- Reverse Engineering
- Vulkan
Mac Studio Storage Upgrade - Made EASY with Custom Parts
This video demonstrates upgrading a Mac Studio's storage from 512GB to 8TB using custom PCBs and blank NAND chips. Since Apple's proprietary modules can't be directly swapped, the process involves reballing 1TB NAND chips onto custom boards and letting the M1 Max's integrated storage controller configure them during system restore.
- Electronics Repair
- Hardware Modding
Reverse Engineering the AI of Age of Empires
This video details the process of reverse engineering the AI decision-making in the original Age of Empires game. The creator explores assembly code and strings to understand how the AI determines what to build next, analyzes logging mechanisms, examines how different civilizations are configured for AI gameplay, and investigates specific functions related to AI tasks and player data. The reverse engineering involves patching code to test logging functionality and understanding how the AI's behavior is structured.
- Game Hacking
- Reverse Engineering
Reverse Engineering Age Of Empires
This exploration delves into reverse engineering the original Age of Empires game to understand its AI mechanics. Starting with analyzing AI files containing action instructions (like 'U' for unit, 'R' for research), the focus shifts to disassembling the game code using tools like Ghidra. Key findings include identifying the structure of AI commands, understanding how the game loads and processes these files, and figuring out how the AI determines priorities and executes actions.
- Game Hacking
- Reverse Engineering
Tricking iOS into Animating Icons
iOS allows apps to provide alternate static icons via the setAlternateIconName API, which can be exploited to create a false animation effect. The method triggers a user alert upon each call and doesn't work in the background. Reverse engineering the system code revealed that a private method, _setAlternateIconName, handles the actual icon change without displaying the alert. By calling this private method directly, developers can bypass the alert and achieve smooth icon transitions, though background functionality remains limited.
- iOS Security
- Reverse Engineering
Apple Wanted this DESTROYED...
This video shows the restoration of an Apple Developer Transition Kit (DTK) with an A12Z chip that Apple damaged during recycling. The repair involves fixing a cut board and reinstalling removed NAND chips to restore functionality.
- Electronics Repair
- Hardware Modding
How I Hacked Balatro To Get An Impossible Score
This video explores methods to hack the game Balatro by injecting custom code to achieve an impossible score. The creator examines the game's use of the LÖVE engine and its reliance on Lua scripting. Techniques include modifying the game's executable structure, embedding custom Lua code, and injecting code while the game is running. Specific steps involve patching LÖVE functions to intercept calls, detouring execution to save game state, and manipulating game mechanics like adding unlimited Jokers.
- Game Hacking
- Reverse Engineering
- Code Injection
Hacking Disneyland's App to fix a Freeze
The Disneyland app would freeze when users swiped to navigate back from a restaurant view, preventing interaction. Debugging revealed that iOS's parallax dimming view, which disables interaction during transitions, was being improperly managed by the app's viewDidAppear method, causing the freeze. A fix involved preventing the disabling of the swipe gesture recognizer during the transition, ensuring the app remains responsive.
- iOS Security
- Debugging
- Reverse Engineering
EA Won't Let Me Play This Game - So I Hacked It
This video explores the challenge of playing an abandoned game due to publisher restrictions, using the example of 'Black and White'. The author discovers that the game requires a key for activation, but reverse engineering tools like IDA and x64dbg reveals the key validation algorithm. By analyzing the code, they understand the validation rules and use brute force techniques to generate a valid key.
- Game Hacking
- DRM Bypass
- Reverse Engineering
I Hacked I'm On Observation Duty
This video details the process of reverse engineering a horror game called 'I'm On Observation Duty' to detect anomalies without jump scares. The creator dislikes traditional horror elements and instead focuses on the game's core mechanic of monitoring multiple camera feeds for strange occurrences. The approach involves several steps: first, using a program to capture and compare screen images, which fails due to the game's TV static effect. Then, decompiling the Unity game's C# code reveals how anomalies are managed. Finally, dynamic memory analysis allows tracking the anomaly list in real time, enabling automated detection and reporting.
- Game Hacking
- Reverse Engineering
- Dynamic Analysis
Breaking Bitlocker - Bypassing the Windows Disk Encryption
This video demonstrates how to bypass BitLocker disk encryption by physically accessing the Trusted Platform Module (TPM) chip on a laptop. By tapping into the LPC bus with a low-cost, self-built tool using a Raspberry Pi Pico, the encryption key can be extracted in under a minute once physical access is obtained.
- Hardware Security
- Encryption
- TPM
Upgrading Apple Silicon Soldered SSDs
This video demonstrates upgrading soldered SSDs on Apple Silicon MacBooks that only support single drives, like the 128GB education M1 MacBook Air. The process involves removing the original SSD with heat, installing additional components (capacitors, resistors), and adding two 1TB SSDs to enable dual-SSD functionality.
- Electronics Repair
- Soldering
- Hardware Modding
Modding TikTok to only show Cat Videos
This video explores the process of reverse engineering the TikTok iOS app to filter its content exclusively to cat videos. The creator outlines two main approaches: intercepting network requests to modify API responses, and analyzing the app's UI layer to identify the data source for posts. Initial attempts to intercept network traffic faced challenges like certificate pinning, leading to a shift toward debugging the UI layer using tools like lldb.
- iOS Security
- Reverse Engineering
- Network Analysis
Modding TikTok to only show Cat Videos
This video demonstrates how to modify the TikTok iOS app to exclusively display cat videos by reverse engineering it. The presenter explores methods like intercepting network requests and debugging the UI layer to find the data source for the feed. After identifying the relevant data controller and its properties, they implement a filter using Objective-C method swizzling to modify the data source, ensuring only videos containing the word 'cat' are shown.
- iOS Security
- Reverse Engineering
Hacking a 25 Year Old Game To Make It Work
This video explores the challenges of running a classic game, Worms 2, on modern Windows systems. Despite its release in 1997, the game fails to launch properly on Windows 11 due to legacy audio library dependencies. Through debugging tools, the creator identifies that the game is attempting to load audio files from a CD, a common practice back then but problematic on modern systems. A solution involves modifying a third-party DLL to redirect audio loading. Additionally, the creator delves into the game's code to understand why certain menu items are missing, tracing the menu rendering process and the button click handling mechanism.
- Game Hacking
- Reverse Engineering
- Compatibility
Getting JTAG on the iPhone 15
Researchers explored the possibility of accessing the JTAG interface on the iPhone 15 by leveraging USB-C's vendor-defined messages (VDM). Using an open-source hardware tool called Central Scrutinizer, combined with specific firmware adjustments and a USB power switch, they successfully established a two-pin Serial Wire Debug (SWD) connection. Although a full JTAG debugging capability wasn't achieved without an exploit, the SWD access represents a significant step towards low-level iPhone firmware exploration.
- Hardware Security
- iOS
- JTAG
M1 Mac Mini Soldered SSD Upgrade
This video shows how to upgrade an M1 Mac Mini's soldered SSD from 256GB to 2TB by desoldering the original NAND chips and installing new 1TB chips. The process involves careful desoldering, cleaning, reballing, and resoldering.
- Electronics Repair
- Soldering
- Hardware Modding
How to bypass Jailbreak detection using Hopper Disassembler in iOS apps
This video demonstrates how to bypass jailbreak detection in an iOS application by reverse engineering it with Hopper Disassembler. The process involves identifying the specific code responsible for checking jailbreak status and hex patching it to incorrectly report the device as non-jailbroken.
- iOS Security
- Reverse Engineering
Reversing WannaCry Part 3 - The encryption component
The video examines the encryption mechanism within the WannaCry ransomware, detailing how it secured files for encryption and the methods used to reverse this process. It delves into the specific code sections responsible for the encryption routine, including the algorithms and structures employed.
- Malware Analysis
- Reverse Engineering
- Ghidra
Hacking the Game Boy cartridge protection
The Game Boy's copy protection relies on a scrolling Nintendo logo loaded from the cartridge during boot-up. A vulnerability allows bypassing this protection by presenting a different logo during the initial load while returning the correct logo during the subsequent check. This was demonstrated by creating a custom FPGA cartridge exploiting the time-of-check-to-time-of-use flaw.
- Game Hacking
- Hardware Security
- Reverse Engineering
Reversing WannaCry Part 2 - Diving into the malware with #Ghidra
This video continues the analysis of the WannaCry malware by examining its embedded resources, RSA key handling, and decryption processes using Ghidra. Key findings include the decryption of an embedded .wannacry file with an RSA key, the extraction and use of an AES key derived from that decryption, and the loading and execution of a malicious DLL.
- Malware Analysis
- Reverse Engineering
- Ghidra
IoT Security: Backdooring a smart camera by creating a malicious firmware upgrade
This video demonstrates how attackers can compromise IoT devices, specifically a $24 WiFi camera, by creating a malicious firmware upgrade. The demonstration reveals that if a device's firmware update process does not verify the authenticity of the upgrade, attackers can inject backdoors, enabling unauthorized remote access. The key takeaway is the critical importance of implementing secure firmware update mechanisms to prevent such vulnerabilities.
- IoT Security
- Pentesting
- Firmware Analysis
Reversing WannaCry Part 1 - Finding the killswitch and unpacking the malware in #Ghidra
This video demonstrates the initial analysis of the WannaCry ransomware sample using Ghidra, starting with its behavior: encrypting files and displaying a ransom note. The analysis reveals a killswitch mechanism checking a specific domain, and the malware unpacking an embedded component into tasksche.exe, which is then executed. The embedded component creates a hidden directory, installs itself as a service, and retrieves additional components from the network.
- Malware Analysis
- Reverse Engineering
- Ghidra
Reverse engineering with #Ghidra: Breaking an embedded firmware encryption scheme
This video demonstrates reverse engineering firmware encryption on a Moxa device by analyzing file structures, entropy, and disassembled code with Ghidra. Key findings include the use of AES-ECB mode for decryption, a pre-processing XOR operation, and the decryption process itself.
- Reverse Engineering
- Firmware Analysis
- Ghidra
Ghidra quickstart & tutorial: Solving a simple crackme
This tutorial introduces Ghidra, a reverse engineering tool, by guiding users through the process of analyzing and decompiling a simple password-cracking challenge called 'easy reverse'.
- Reverse Engineering
- Tools
- Ghidra
Reverse engineering Temple Run 2 on iOS using il2cppdumper, IDA, lldb
This video details the process of reverse engineering the iOS game Temple Run 2, which uses Unity's il2cpp technology. The presenter utilizes tools like il2cppdumper, IDA Pro, and lldb to analyze the game's executable, resolve function names, bypass iOS ASLR by calculating memory offsets, and exploit a specific currency function to modify coin and gem counts arbitrarily.
- Game Hacking
- iOS Security
- Reverse Engineering
- Unity
Reverse Engineering Candy Crush Saga on iOS Using lldb and Hopper
This video demonstrates reverse engineering the Candy Crush Saga iOS game by connecting an iPhone to a Mac via SSH and using lldb for debugging alongside Hopper disassembler. The process involves debugging a running instance of the game, calculating memory addresses due to iOS's ASLR mechanism, identifying key functions like booster mechanics, and potentially modifying memory to alter game behavior.
- Game Hacking
- iOS Security
- Reverse Engineering
How to Hack/Patch Any iOS AppStore App | Reverse Engineering & ARM64 Assembly Tutorial
This tutorial demonstrates techniques for reverse engineering iOS applications from the App Store, focusing on disassembling ARM64 binaries to identify and modify code. It covers tools like Ghidra, Hopper, and IDA Pro for static analysis, along with dynamic debugging methods to bypass protections like code signing and runtime checks.
- iOS Security
- Reverse Engineering
- ARM Assembly
Reverse Engineering Hopper Disassembler v3.9.9
This video details the reverse engineering of Hopper Disassembler, revealing that its initial code view is fake and encrypted. The creator discovered that the dynamic loader decrypts the executable during loading, which can be intercepted by patching the load command. By inserting a jump to a custom function, they were able to decrypt the code, and they further modified the software using method swizzling to alter its functionality.
- Reverse Engineering
- Tools