Confluent Developer Courses (developer.confluent.io)

1 points by saikatsg 26s ago 0 comments

Be a guest on the first AI-hosted podcast (ainterview.space)

1 points by TommyKid 42s ago 0 comments

What Does Consulting Do? (nber.org)

1 points by MrBuddyCasino 1m ago 0 comments

'In the Shadow of the Moon' Film Review (hollywoodreporter.com)

1 points by walterbell 1m ago 0 comments

Show HN: I built an API for extracting YouTube summaries, transcripts and stats (socialkit.dev)

1 points by geiger01 1m ago 0 comments

The Realities of Semantic Search (deepnoodle.ai)

1 points by myzie 2m ago 0 comments

Show HN: I built an AI agent that schedules meetings from Gmail and Slack (meetalphie.com)

2 points by Riphyak 3m ago 1 comments

Plex: Perturbation-Free Local Explanations for LLM-Based Text Classification (arxiv.org)

1 points by PaulHoule 4m ago 0 comments

Show HN: Typogram Studio – like Figma but for typography (typogram.co)

1 points by wentin 4m ago 0 comments

PagerDuty exploring potential sale after receiving buyer interest (reuters.com)

1 points by m-hodges 5m ago 0 comments

Show HN: Mock Interviews for Software Engineers (mockinterviews.dev)

1 points by fahimulhaq 6m ago 0 comments

Transcribe speech 100x faster and 100x cheaper with open models (modal.com)

1 points by thundergolfer 6m ago 0 comments

Bet on or Against the Unicorns (bloomberg.com)

1 points by ioblomov 6m ago 1 comments

Doco – Cursor for Microsoft Word (trydoco.com)

1 points by arittr 9m ago 0 comments

Is SoftBank Still Backing OpenAI? (wheresyoured.at)

3 points by samuli 11m ago 0 comments

Tesla signs $16.5B deal with Samsung to make AI chips (techcrunch.com)

1 points by skadamat 13m ago 0 comments

You can turn ANY AI SDR into a hacker

1 points by alex_varga 14m ago 0 comments

The Weakest Link Fallacy (cs.ru.nl)

1 points by mmsc 16m ago 0 comments

A quick note to our queer members (blog.nearlyfreespeech.net)

2 points by Vinnl 17m ago 0 comments

Show HN: C2hat – Cross-Domain Chat (chromewebstore.google.com)

1 points by pardnchiu 17m ago 0 comments

Claude Code new limits – Important updates to your Max account usage limits

43 points by ivanvas 20m ago 8 comments

GEPA: Reflective Prompt Evolution Can Outperform Reinforcement Learning (twitter.com)

1 points by LakshyAAAgrawal 20m ago 1 comments

Parallelizing AI Coding Agents (ainativedev.io)

1 points by gk1 23m ago 0 comments

How many NYT spelling bees are left? (gauthamsk.substack.com)

1 points by shrike_cultist 26m ago 0 comments

Claude Code weekly rate limits

20 points by thebestmoshe 30m ago 11 comments

Anthropic email to Max customers Re: Max account usage limits

3 points by kid64 30m ago 1 comments

Anthropic introduces new weekly limits for paid subs

3 points by tankenmate 30m ago 1 comments

React-three/viverse – for react and vanilla threejs (pmndrs.github.io)

1 points by BelaBohlender 30m ago 0 comments

New usage limits for Claude Code (twitter.com)

3 points by charliermarsh 30m ago 1 comments

Model2Vec as a Fasttext Alternative (minish.ai)

3 points by stephantul 31m ago 1 comments

Mouthwashing(2024) Shadowbanned on Itch.io (itch.io)

1 points by numpad0 32m ago 0 comments

UK-based Yasa claims world record with new 738bhp, 13.1kg motor (autocar.co.uk)

1 points by simonebrunozzi 33m ago 0 comments

Replacing cron jobs with a centralized task scheduler (mayhul.com)

2 points by tlf 34m ago 2 comments

Yes in My Bamako Yard (asteriskmag.com)

3 points by surprisetalk 35m ago 0 comments

Libfive: Solid modeling (CAD) library/tools with Scheme/Python bindings and GUI (libfive.com)

2 points by caseyavila 36m ago 1 comments

Are we building AI coding assistants wrong?

2 points by anaempromptu 37m ago 2 comments

Google Maps Is Going to Be Less Social Starting in September (pcmag.com)

2 points by taubek 39m ago 1 comments

Epoch Countdown (epochcountdown.org)

2 points by cmackenzie1 40m ago 0 comments

Shortcut beats first year analysts from McKinsey/Goldman head-to-head 89.1% (twitter.com)

1 points by amrrs 42m ago 0 comments

A Comprehensive Review of JFS (Journaled File System) (machaddr.substack.com)

2 points by sugarpimpdorsey 48m ago 0 comments

Interstellar Comet 3I/Atlas: What We Know Now (skyandtelescope.org)

17 points by bikenaga 48m ago 4 comments

Inequality and the Strategic Use of Clientelism in Divided Democracies (mdpi.com)

3 points by PaulHoule 48m ago 0 comments

Say Goodbye to the Internet as We Know It (europeanconservative.com)

9 points by nickslaughter02 50m ago 1 comments

Proximity to coastal waters is positively associated with life expectancy (sciencedirect.com)

3 points by geox 53m ago 0 comments

Giving Benchmarks a Boat (buttondown.com)

4 points by eatonphil 54m ago 0 comments

How to redraw a city – On land readjustment (worksinprogress.co)

1 points by baud147258 55m ago 0 comments

National security experts urge US admin to restrict Nvidia H20 sales to China (techcrunch.com)

5 points by rntn 55m ago 1 comments

Show HN: Party Goker – A minimal CLI planning poker tool for Scrum (github.com)

1 points by Mbauro 56m ago 0 comments

Visa and Mastercard are getting overwhelmed by gamer fury over censorship (polygon.com)

125 points by mrzool 1h ago 59 comments

Show HN: I built a free tool to clean up and export your Kindle highlights (clipvault.xyz)

1 points by krewl 1h ago 0 comments

Reverse engineered 90 legacy builder tools – created a YARA corpus

1 GokbakarE 0 7/28/2025, 1:13:24 PM

Over the past few months I manually emulated 94 legacy remote tool builder applications (often used to create unauthorized remote control frameworks during the 2000s–2010s) inside isolated QEMU sandboxes.

Each builder was used to generate a unique binary sample. I then:

    Wrote one variant-specific YARA rule per builder output

    Extracted PE metadata (sections, timestamps, entropy, IAT)

    Captured static capability signatures with CAPA

    Logged obfuscation artifacts via Detect It Easy (DIE)

    Committed everything granularly (1.1k commits) for traceability

The focus is not generic detection — it’s forensic fingerprinting of distinct builder families.

All samples were sandbox-generated (not recycled from VT or hybrid analysis). For ethical reasons, I do not share raw binaries, but I do provide structural hashes and extracted metadata.

The repo includes full documentation, including my QEMU workflow, rule methodology, and internal hash policy.

Repo link: https://github.com/GokbakarE/RuleSetRAT

I’m currently 15. Feedback from RE researchers and signature writers is welcome — especially if you’ve dealt with old tooling or variant detection in the wild.

Comments (0)

No comments yet