THREAT OPS › Threat News › Scripting the disassembler: Local agentic reverse engineering through vbdec’s live COM object model
Scripting the disassembler: Local agentic reverse engineering through vbdec’s live COM object model
<ul><li>Analysis tools do not need AI built in to support agentic workflows; they simply need to expose their data through an external scripting interface. </li><li>Even traditional graphical user interface (GUI) applications can be made AI-accessible by publishing their internal object models, allowing agents to query and automate analysis without modifying the core appli
MITRE ATT&CK techniques
- Component Object ModelT1559.001
Indicators of compromise
- https://sandsprite.com/vbdec/url
- https://www.gendigital.com/blog/insights/research/scripting-arbitrary-vb6-applicationsurl
- https://sandsprite.com/vbdec/vbdec_ai.zipurl
- https://hex-rays.com/blog/interacting-with-ida-through-ipc-channelsurl
- storage.ghost.iodomain
Original source: https://blog.talosintelligence.com/scripting-the-disassembler/