“While at Blizzard, Elias did a multitude of amazing and extremely challenging technical things, many of which I believe are under NDA. His work often did things that sounded fantastical while also being very solid down to earth implementations that "just worked". It's rare to see someone with creative but pragmatic vision, while also having the technical ability to make it happen in a robust way. I also enjoyed his company wide technical presentations where he would share his knowledge and experience with the rest of us, as he was a specialist with a skill set that most of the company's engineers did not have.”
Elias Bachaalany
Redmond, Washington, United States
2K followers
500+ connections
Redmond, Washington, United States
2K followers
500+ connections
About
As a game security engineer at Microsoft, I have experience in working with various first…
Services
Activity
-
Last day at Objective by the Sea! Had a great time speaking about iOS decompilation. Lots of interesting talks this year! #OBTS
Last day at Objective by the Sea! Had a great time speaking about iOS decompilation. Lots of interesting talks this year! #OBTS
Liked by Elias Bachaalany
-
Kaspersky's GReAT open sourced their comprehensive IDA plugin for malware analysis dubbed hrtng, which they use "on a daily basis". The plugin…
Kaspersky's GReAT open sourced their comprehensive IDA plugin for malware analysis dubbed hrtng, which they use "on a daily basis". The plugin…
Liked by Elias Bachaalany
-
From Johannesburg to Nairobi, our tech team connected with amazing partners over the last two weeks, shared key technical updates, and mapped out an…
From Johannesburg to Nairobi, our tech team connected with amazing partners over the last two weeks, shared key technical updates, and mapped out an…
Liked by Elias Bachaalany
Experience
-
PassingTheKnowledge, LLC
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Education
-
American University of Science and Technology
-
Activities and Societies: I joined university late, and at a slow pace I graduated. Meanwhile I was *unofficially* tutoring students on Saturdays in the campus. Later after graduation I was *officially* giving lab sessions for C++ and Java students two times per week.
Studied Computer Science
Lab Assistant
Designed and implemented an open source interpreter language to teach programming
Licenses & Certifications
Publications
-
Batchography: The Art of Batch Files Programming
PassingTheKnowledge, LLC
See publicationLong gone are the days when you had to use search engines to jump from one website to another in order to figure out the syntax or how to solve a problem using a Batch file script. The Batchography book is a boon for system administrators, build engineers, programmers and home users alike. It takes you on a journey of re-discovery of the lost art of Batch files programming. Whether you are an experienced user or new to the language, you will be surprised by the clarity and the abundance of the…
Long gone are the days when you had to use search engines to jump from one website to another in order to figure out the syntax or how to solve a problem using a Batch file script. The Batchography book is a boon for system administrators, build engineers, programmers and home users alike. It takes you on a journey of re-discovery of the lost art of Batch files programming. Whether you are an experienced user or new to the language, you will be surprised by the clarity and the abundance of the material presented in this book. With more than 140 scripting recipes, you will learn about things that you never thought were possible to achieve using the Batch files scripting language. In the Batchography book, you will learn about: the basic concepts of Batch file scripting, data structures (Arrays, Stacks, Sets, Maps), Function calls and repetition control structures, Files and strings manipulation techniques, Debugging and troubleshooting tips, Coding conventions and testing methodologies. As a bonus, the book also includes the Hangman game completely written using the Batch files scripting language!
-
The Antivirus Hacker's Handbook
Wiley
Hack your antivirus software to stamp out future vulnerabilities
The Antivirus Hacker's Handbook guides you through the process of reverse engineering antivirus software. You explore how to detect and exploit vulnerabilities that can be leveraged to improve future software design, protect your network, and anticipate attacks that may sneak through your antivirus' line of defense. You'll begin building your knowledge by diving into the reverse engineering process, which details how to start…Hack your antivirus software to stamp out future vulnerabilities
The Antivirus Hacker's Handbook guides you through the process of reverse engineering antivirus software. You explore how to detect and exploit vulnerabilities that can be leveraged to improve future software design, protect your network, and anticipate attacks that may sneak through your antivirus' line of defense. You'll begin building your knowledge by diving into the reverse engineering process, which details how to start from a finished antivirus software program and work your way back through its development using the functions and other key elements of the software. Next, you leverage your new knowledge about software development to evade, attack, and exploit antivirus software—all of which can help you strengthen your network and protect your data.
While not all viruses are damaging, understanding how to better protect your computer against them can help you maintain the integrity of your network.
Discover how to reverse engineer your antivirus software
Explore methods of antivirus software evasion
Consider different ways to attack and exploit antivirus software
Understand the current state of the antivirus software market, and get recommendations for users and vendors who are leveraging this software
The Antivirus Hacker's Handbook is the essential reference for software reverse engineers, penetration testers, security researchers, exploit writers, antivirus vendors, and software engineers who want to understand how to leverage current antivirus software to improve future applications.Other authors -
-
Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation
John Wiley & Sons
Our reverse engineering book is out. Please buy it to learn how to analyze malware / rootkits and help hungry and less-than-fortunate kids around the world. Here is the back cover:
==Back cover==
LEARN THE SCIENCE AND CRAFT OF REVERSE ENGINEERING TO FIGHT HACKERS AND ROOTKITS
Criminals increasingly are using malicious software (exploits, viruses, rootkits, etc.) for fraud, denial-of-service, intrusions, and espionage operations. Reverse engineering is the only method to…Our reverse engineering book is out. Please buy it to learn how to analyze malware / rootkits and help hungry and less-than-fortunate kids around the world. Here is the back cover:
==Back cover==
LEARN THE SCIENCE AND CRAFT OF REVERSE ENGINEERING TO FIGHT HACKERS AND ROOTKITS
Criminals increasingly are using malicious software (exploits, viruses, rootkits, etc.) for fraud, denial-of-service, intrusions, and espionage operations. Reverse engineering is the only method to thoroughly dissect and understand such software. So it is no surprise that reverse engineering is one of the most important subjects in information security. Unfortunately, it is often perceived as a mysterious and complex black art. Although reverse engineering is a difficult subject, the authors believe there is a scientific approach to it. Practical Reverse Engineering aims to demystify the art and systematize the reverse-engineering process for students and professionals.
Discover a unique, systematic approach to reverse engineering that incorporates hands-on analysis with real-world malware
Find detailed coverage of the three most popular processor architectures: x86, x64, and ARM
Use this concise, structured treatment of the Windows kernel and kernel-mode drivers, featuring walk-throughs and exercises with real-world rootkits
Learn sophisticated code-obfuscation techniques, such as those used in virtual machine protections, and how to deobfuscate them using program-analysis techniques
Discover advanced debugging techniques to automate and streamline the reverse-engineering process
Apply newly learned concepts with complete walk-throughs and exercises using real-world malware
Other authors -
Patents
-
Matching Program Sections Through Feature Extraction
Issued US 20150317138
Various techniques for matching program sections are described herein. In one example, a method includes organizing a program into blocks based on control flow. The method also includes calculating a plurality of features for each block. The method further includes comparing the calculated features for each block with other blocks and creating a list of equivalent blocks. The method also further includes constructing a list of equivalent program sections utilizing the list of equivalent…
Various techniques for matching program sections are described herein. In one example, a method includes organizing a program into blocks based on control flow. The method also includes calculating a plurality of features for each block. The method further includes comparing the calculated features for each block with other blocks and creating a list of equivalent blocks. The method also further includes constructing a list of equivalent program sections utilizing the list of equivalent blocks.
Other inventors -
Projects
-
AllThingsIDA
- Present
I run the @allthingsida Youtube channel. Focus on teaching practical reverse engineering with IDA Pro and various reverse engineering tools.
-
IDA Plugins
-
I maintain various IDA Pro and Hex-Rays plugins on my GitHub Repo. Namely the `ida-scripts` plugin is one of the most successful productivity plugin out there.
-
TheBigPromptLibrary
-
An open source repository of various LLMs system prompts and custom instructions.
I have retrieved 700+ custom GPT instructions from ChatGPT GPT Store. One of a kind repository on the internet.
Languages
-
English
Native or bilingual proficiency
-
Arabic
Native or bilingual proficiency
-
French
Native or bilingual proficiency
-
German
Elementary proficiency
Recommendations received
3 people have recommended Elias
Join now to viewMore activity by Elias
-
Mark your calendars for #GitKon2024! I’m thrilled to share my thoughts on Automating Threat Modeling with AI at this free, virtual event hosted by…
Mark your calendars for #GitKon2024! I’m thrilled to share my thoughts on Automating Threat Modeling with AI at this free, virtual event hosted by…
Liked by Elias Bachaalany
-
I updated all host, exercise, and demo setups of my hypervisor class to the latest version of OSes (Ubuntu 24, Windows 11 24H2, and macOS 15). If…
I updated all host, exercise, and demo setups of my hypervisor class to the latest version of OSes (Ubuntu 24, Windows 11 24H2, and macOS 15). If…
Liked by Elias Bachaalany
-
What happens when your CPU has a buggy assembly instruction? Check out the latest LaurieWired video! We look at GhostWrite, a RISC-V vulnerability…
What happens when your CPU has a buggy assembly instruction? Check out the latest LaurieWired video! We look at GhostWrite, a RISC-V vulnerability…
Liked by Elias Bachaalany
-
Our team is hiring again: https://goo.gle/4hGr0Rn Great role doing some really impactful things, in our downtown Austin office. We do detection…
Our team is hiring again: https://goo.gle/4hGr0Rn Great role doing some really impactful things, in our downtown Austin office. We do detection…
Liked by Elias Bachaalany
-
This is a slightly edited re-upload of my interview with Stephen Sims, originally recorded on July 5th, 2024. In this interview, I talk about my…
This is a slightly edited re-upload of my interview with Stephen Sims, originally recorded on July 5th, 2024. In this interview, I talk about my…
Shared by Elias Bachaalany
-
We're sharing updates on #HyperDbg releases and debugging tips on #Bluesky and #Mastodon too! You can also follow us there. 😊 -…
We're sharing updates on #HyperDbg releases and debugging tips on #Bluesky and #Mastodon too! You can also follow us there. 😊 -…
Liked by Elias Bachaalany
-
Alexey is one of the best trainers. Those interested, please make use of this great opportunity to learn from the best.
Alexey is one of the best trainers. Those interested, please make use of this great opportunity to learn from the best.
Liked by Elias Bachaalany
-
"Hello, I'm Bill Gates, Chairman of Microsoft"
"Hello, I'm Bill Gates, Chairman of Microsoft"
Liked by Elias Bachaalany
-
Thanks Xeno Kovah and Dimitar Tomov for the chance to do the beta of TPM 1101 and 1102. I really enjoyed the course and can highly recommend…
Thanks Xeno Kovah and Dimitar Tomov for the chance to do the beta of TPM 1101 and 1102. I really enjoyed the course and can highly recommend…
Liked by Elias Bachaalany
Explore more posts
-
Ron F. Del Rosario
Andrew Ng’s take on California's proposed law SB-1047 is spot on: “There are many things wrong with this bill, but I’d like to focus here on just one: It defines an unreasonable “hazardous capability” designation that may make builders of large AI models potentially liable if someone uses their models to do something that exceeds the bill’s definition of harm (such as causing $500 million in damage). That is practically impossible for any AI builder to ensure. If the bill is passed in its present form, it will stifle AI model builders, especially open source developers. Some AI applications, for example in healthcare, are risky. But as I wrote previously, regulators should regulate applications rather than technology. Technology refers to tools that can be applied in many ways to solve various problems.Applications are specific implementations of technologies designed to meet particular customer needs. Safety is a property of applications, not a property of technologies (or models), as Arvind Narayanan and Sayash Kapoor have pointed out. Whether a blender is a safe one can’t be determined by examining the electric motor. A similar argument holds for AI.” #publicpolicy #policy #ai #machinelearning #ml #compliance #technology #society #sb1047 #opensourcesoftware #oss
-
Barry Greene
Are you scratching your head trying to figure out your new SBOM requirements? Our new phase of "Digitial Safety" will replace Cybersecurity with requirements seen in other fields of civic society. Knowing what is in your software, hardware, and silicon is no different from learning the materials used to build a skyscraper. SBOM requirements are inevitable. Check out Nigel Hanson's series of SBOM articles on Digitial Safety. https://lnkd.in/gYh-by7W . #sbom
-
Joseph Wyckoff
Remember, research the issues, and vote, if you have a right to do so. --- One task for the night - calling Ami Bera The Honorable Amerish Babulal Ami Bera , representative for the 6th Congressional District - Sacramento County. https://lnkd.in/dveC333a "Thank You for supporting Ukraine!" Sir - your politics and mine on internal issues of the United States probably do not align very well. But a quick review of your record suggests that you are responsible on international issues - and, indeed, on internal issues. Regardless of any other issues, I do very much want to thank you for supporting Ukraine. Ukraine is important to global food supplies. Ukraine is an important provider of energy, iron, coal, and other resources - interrupted not by internal Ukrainian squabbles - but interrupted by an arbitrary and genocidal war of Russian Empire. Ukraine does not supply those commodities to the United States - so Ukraine is irrelevant, right? Hardly. The key word is COMMODITY. If prices for wheat, for example, go up in international markets, prices will ALSO go up in the U.S. Russia is actively creating the inflation that your voters care about. All politics is local - as, for example, the cost of a loaf of bread - but if Russia restricts Ukrainian grain travelling to Africa, then the price of a U.S. loaf of bread goes up, as American grain finds its way in commodity markets, onto ships, and away to Africa. But, you know all that. We called you tonight, from the steps of Sacramento's capitol - to say thank you. I was in that crowd. I am NOT a Ukrainian or Russian - I am a (retired) American Soldier - proud of California and the United States for our continued support of the many Freedoms that the Ukrainians want to enjoy. 95660 - one for Ukraine, and Against Russia. Pro Israel, and against Trump, for what it is worth, so we are on side there, too...
-
Bill Alderson
🚨 Case Study Alert: How DigiCert Traced Incident Breadcrumbs for Swift Resolution 🚨 Explore how rapid threat detection and remediation can make the difference between a minor issue and a major breach. See the full story and how WireX Systems' advanced tools helped DigiCert react in minutes. #CyberSecurity #ThreatRemediation #IncidentResponse #WireXSystems #DigiCert"
-
Antoine Vastel
I did a deep dive into the browser fingerprint of an unmodified Headless Chrome instrumented with Puppeteer to see what are the main differences with a normal Chrome that still exists in 2024: https://lnkd.in/eSfUYpdR The usual inconsistencies, such as navigator.webdriver are still there (even though it can easily be deleted using--disable-blink-features=AutomationControlled) However, all the old inconsistencies I discussed in previous articles, such as the absence of navigator.languages and window.chrome, don't exist anymore.
4 Comments -
Kevin Thomas, CISSP, PCI QSA, CRISC, HITRUST
ICYMI | February writeup on the susceptibility of our critical infrastructure to drone attacks... Scary stuff indeed. What makes this even more of a concern is this excerpt from a critical infrastructure attack in California back in 2013. "The U.S. could suffer a coast-to-coast blackout if saboteurs knocked out just nine of the countries 55,000 electric transmission substations".... #criticalinfrastructure #criticalcontrols #riskmanagement #riskassessment #cybersecurity #infosec #nerc
-
Stanley Tsang
A large webshop fraud ring has been exposed, highlighting the importance of vigilance against online scams. The ring tricked victims into making fake purchases on bogus websites, stealing credit card information and attempting to process millions of dollars in fraudulent orders. They also resold stolen credit card details. This is a stark reminder of the ever-present threat of cybercrime. As security professionals, we can help educate our networks about online safety and best practices for identifying legitimate websites. #cybersecurity #webshopfraud #onlinesafety https://lnkd.in/ghzUiK4p
-
Jonathan Bar Or
#binarygolf is upon us, and it's time to blog about some #Linux shellcoding! Read how I employed a TSX egg-hunting technique, as well as giving up and performing execve eventually, making a 46-byte Linux shellcode that solves the challenge: https://lnkd.in/dhVVpqgq
2 Comments -
Himanshu A.
Big news in the SIEM world! #Exabeam and #LogRhythm are merging to create a powerhouse in security operations. Interesting to see how this will impact the market. https://lnkd.in/er2HvJwR #informationsecurity #SIEM #Exabeam #LogRhythm #Cybersecurity #SecurityOps
-
Shakeel Ali
Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking: The cryptojacking group known as Kinsing has demonstrated its ability to continuously evolve and adapt, proving to be a persistent threat by swiftly integrating newly disclosed vulnerabilities to exploit arsenal and expand its botnet. The findings come from cloud security firm Aqua, which described the threat actor as actively orchestrating illicit cryptocurrency mining https://lnkd.in/gxtKinAU
-
Gregory Netto Manley
Threat actors have leveled up their game with registered domain generation algorithms (RDGAs). Learn how they're exploiting this technique to register multiple domains at once, evading detection: https://gag.gl/IvgDm6 #Infoblox #RDGAs #DGAs #ThreatActors #Malware
-
Marcus Webster
#ArtificialIntelligence #Vulnerabilities A critical vulnerability in the PyTorch distributed RPC framework could be exploited for remote code execution. The post Critical PyTorch Vulnerability Can Lead to Sensitive AI Data Theft appeared first on SecurityWeek. https://lnkd.in/ghYd6gZA
-
Laurie Kirk
Ever wondered how your computer can run multiple programs at once? Check out the latest LaurieWired video where we explore the Atlas Supercomputer, Memory Management Units, Translation Lookaside Buffers, as well as Spatial and Temporal locality! https://lnkd.in/grBvHhxt
-
Rohit Agnihotri
Identity Deception in ITDR - Yes this is the old Honey Pots concepts There is another interesting concepts in ITDR called as Identity Deception, it is conceptually similar to honeypots used in networking. Both involve creating decoy elements designed to attract and engage potential attackers Honey Accounts: These are fake user accounts created within identity stores (like Active Directory) that are designed to attract attackers. When an unauthorized user attempts to access these accounts, it triggers alerts and allows security teams to respond quickly. Honeytokens: These are deceptive credential profiles placed in identity caches on endpoints. They serve as early warning signals when accessed by unauthorized users, helping to identify potential breaches before they escalate These identities should be known to your ITDR systems though, this is not a way of checking which ITDR tool is more effective. https://lnkd.in/e7ckJxGQ #TheIdentityNavigator #iam #ITDR #IdentityAndAccessManagement
2 Comments -
Daniel Wyleczuk-Stern
Been doing a bit more blogging lately. In my latest piece, I'll break down how threat detection is actually a component of a larger security monitoring function. I'll also break out the other pillars of security monitoring and why these distinctions matter. https://lnkd.in/ePvjtZDW
4 Comments
Explore collaborative articles
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
Explore MoreOthers named Elias Bachaalany
-
Elias Bachaalany
CEO at AUTOMATIX , CDO at NEUVATEK
-
Elias Bachaalany
Responsable Achats, Stock, Logistique & Administration
-
Elias BACHAALANY
--
3 others named Elias Bachaalany are on LinkedIn
See others named Elias Bachaalany