Hiding .NET IL code from DnSpy with R2R Stomping
We create a .NET executable that hides code from decompilation and debugging with DnSpy by using a technique called R2R Stomping. Afterwards we explore how to analyse such samples and what effect it has on antivirus detection.
Malware course:
Checkpoint article:
Twitter:
00:00 Introduction
00:43 What is R2R Stomping
02:13 Compiling an R2R binary
04:17 Stomping the code
07:50 Verify that it works - debugging .NET Core
10:00 How to recognize R2R binaries
12:14 Determine if a file is stomped
13:49 Compiling singlefile executables
14:35 Analysing singlefile executables
17:09 Implications on antivirus detections and analysis verdicts
4 weeks ago 00:04:30 1
![Paramore: Now [OFFICIAL VIDEO]](https://sun9-58.userapi.com/c624717/u566163099/video/l_5f7eeee6.jpg)
1 month ago 00:03:02 1
3 months ago 00:04:14 1
![Paramore: Decode [OFFICIAL VIDEO]](https://sun9-52.userapi.com/G7KG1ajGahwGABGz4q15eek55eSA2GP28FJVjg/FMfZTzjWGrM.jpg)
4 months ago 00:00:30 31
4 months ago 00:03:13 2
4 months ago 00:24:42 4
4 months ago 00:00:28 64
4 months ago 00:03:29 1
4 months ago 00:00:47 76
4 months ago 00:00:00 1
4 months ago 00:04:00 1
4 months ago 00:10:06 1
4 months ago 00:01:13 4
4 months ago 00:08:39 1
4 months ago 00:11:36 1
4 months ago 00:01:37 1
![Hiding In The Blue [meme animation]](https://sun9-61.userapi.com/Fg-dokGDuJr0P9dtWVRgbG74JsSe7Rk_GQOWUw/Q6Ckor4UzyU.jpg)
4 months ago 00:00:00 209
![[Alya Sometimes Hides Her Feelings in Russian на русском] 1-ban Kagayaku Hoshi (Cover by Sati Akura)](https://sun9-45.userapi.com/cSB8-rlqLvghguFLLyTEOgwNgonwKVBqeSYmRQ/5ZosPUV3d5c.jpg)
4 months ago 00:23:30 1
4 months ago 00:03:31 1
4 months ago 00:03:49 1
![Motionless In White - Werewolf [Official Video]](https://sun9-6.userapi.com/t7RgFwfnu4I-nvI-i6ctn4_FJ9uMz0QaWDtVpg/b2cDfmZ7NNQ.jpg)
4 months ago 00:04:50 1
4 months ago 00:03:33 1
4 months ago 00:13:33 1
4 months ago 00:03:37 1
