Digital Forensic Researcher and Educator
ida-mcp 2.1.0 is out. This release focuses on making the LLM a more efficient analyst: fewer wasted tool calls, less context window consumed by tool...
Read more : ida-mcp 2.1: Progressive Tool Discovery, Background Analysis, and Batch OperationsAn 18-part deep dive into the Apple File System covering on-disk structures, B-Trees, encryption, and more.
View the series : APFS InternalsThe Model Context Protocol (MCP) lets LLMs call external tools, and for reverse engineers the obvious application is connecting an...
PSpice is a SPICE circuit simulator from Cadence Design Systems that encrypts proprietary semiconductor model files to protect vendor IP...
As 2022 ends, so does my APFS Advent Challenge. Deciding at the last minute to write this series of blogs...
As we discussed in an earlier post, Apple’s Fusion Drives combine the storage capacity of a hard disk drive (HDD)...
Our previous post covered how Object Maps facilitate the implementation of point-in-time Snapshots of APFS file systems by preserving File...
Now that we know how to parse the File System Tree, analyze keybags, and unwrap decryption keys, it’s time to...
This is a quick update to yesterday’s post on using std::experimental::simd to speed up APFS Fletcher-64 calculations. It turns out...
Today’s post will take on a bit of a different style than the previous posts in this series. Among other...
In our last post, we discussed both Volume and Container Keybags and how they protect wrapped Volume Encryption and Key...