Technical Blog

We’re excited to launch SigBreaker 1.0, a purpose-built binary diversification engine designed to disrupt static signature-based detection—without bloating binaries or hurting performance.

One of the standout features of BLARE is its Module Extension System, which allows us to statically link additional functions and data generated by llvm-msvc (our inhouse fork of llvm) into a pre-existing compiled program.

This article discusses the challenges any binary analysis framework will face with indirect control flow. It covers indirect calls, jump tables (indirect jumps), and details our approach.