Margin Research Blog
Writings on Security, Research, and Technology
Entity Resolution in Reagent
One of the biggest challenges in many modern technologies is Entity Resolution, the practice of figuring out when two separate entities are actually the same thing, such as Git contributors. We leverage LLMs in our graph databases to solve this problem for GitHub contributors and more!
Analyzing Russian Internet Firm Yandex, Its Open-Source Code, and Its Global Contributors
Russian internet company Yandex has been in the news recently, and not just because it’s one of the leading and most globally reaching technology firms in Russia. The company, founded as a search engine in 2000 and now worth billions of dollars, announced plans in November 2022 to potentially
DGraph Post-Mortem Analysis
Margin Research’s Social Cyber project was originally hosted on a graph database (DB) technology called DGraph. In an unfortunate turn of events, DGraph ceased to exist as a company, requiring the Margin Research team to migrate our analysis tool to a different graph DB: Neo4J. This brought the question
Harness the Power of Cannoli: Implementing a Program Backtrace
So, you’ve heard about Cannoli, the high-performance tracing engine, but don’t know where to start. Perhaps you read the source code but don’t understand how to implement your analysis. Or maybe you’re someone who learns by example and finds inspiration in detailed walkthroughs. If so, this
Analyzing Russian SDK Pushwoosh and Russian Code Contributions
Reuters recently reported on November 16 that Pushwoosh, the maker of a software development kit (SDK), was falsely representing itself as an American company when in fact the technology company is based in Russia. Its code is reportedly used in thousands of Apple and Google app store applications, and the
smoothie_operator<<
Description This blog details a C++ heap exploitation challenge written for CSAW CTF Finals 2022. This challenge incorporates an OOB heap write primitive to corrupt heap metadata, creating a use-after-free (UAF) by clobbering the C++ std::shared_ptr struct. The challenge is a x86-64 ELF binary linked against glibc v2.
Russia’s Open-Source Code and Private-Sector Cybersecurity Ecosystem
Through our work on SocialCyber, we map sanctioned Russian cyber actors, their contributions to the linux kernel, and the private-sector firms supporting Russian cyber operations.
An opinionated guide on how to reverse engineer software, part 2
The best reverse engineer is also a very capable software developer. Why you may ask? Because almost no one reinvents the wheel.
Winternships and a new look
The website has gotten a facelift! If you've been to our site before you might notice some changes. The most significant change is in our blog backend, making sharing our great research and new tool releases easier with the internet. Another big shift is consolidating all of our presentation material,
