IM-LLVM-Pass
An LLVM module pass that mangles internal symbol names at the IR level using a seeded PRNG — making reverse engineering significantly harder without breaking program semantics.
Reverse-Engineering
Zyxel Firmware Analysis — Extraction, ZIP Cracking, and Credential Recovery
Full firmware analysis of a Zyxel network device: binwalk extraction of a squashfs filesystem, known-plaintext attack on the ZIP encryption with pkcrack, and hashcat-based credential recovery from shadow.basic.
LLVM Obfuscation Study — Secure-IC Internship
Comparative analysis of 4 LLVM-based obfuscators (O-LLVM, Hikari, Pluto, Tigress) benchmarked on AES code, followed by a PoC integration of Hikari into Secure-IC's Securyzr iSE firmware build chain.
Cerber Ransomware — Static & Dynamic Analysis Lab
Full analysis of a 2017 Cerber sample under Flare-VM and Cuckoo Sandbox — packed and unpacked, behavioral tracing from DLL loading to file encryption, real IoCs.