My Adversary Emulation Goes to the Moon… Until False Flag

Name: My Adversary Emulation Goes to the Moon… Until False Flag
Duration: 50 min
Description: "Adversary emulation" has become a marketing term rather than a technical discipline, and RETooling came to REcon 2025 to make that case sharply. In a talk that blended red team philosophy, LLVM inter

Antonio Villani, Silvio La Porta, Giulio Barabino

REcon 2025 · Day 3 · Main Track

"Adversary emulation" has become a marketing term rather than a technical discipline, and RETooling came to REcon 2025 to make that case sharply. In a talk that blended red team philosophy, LLVM inter

AI review

RETooling built a working LLVM re-implementation of APT41's Scatterbrain obfuscator, then turned around and broke Mandiant's own deobfuscator with three trivial modifications — that's not a thesis project, that's a funded research outcome dressed in academic clothes.

Watch on YouTube