Research & Development

ZYPHERION

We tear malware apart and build the tools to keep your code from getting torn apart. Every writeup, YARA rule, and reverse-engineering note we produce lives on GitHub — free, no paywall, no signup.

Read Our Research What we work on
Open-access research Anti-tamper tooling YARA & unpackers

Latest research

What we've been pulling apart

See all writeups
OBFUSCATORS·Jun 15, 2026

Runtime Bytecode Recovery of PyArmor 9.25

▶ 01-pipeline.mp4: end-to-end flow at a glance. Some background reading if you want it. None of it's required. You don't actually have to reverse PyArmor's format. Just let the ru…

12 min read
OBFUSCATORS·May 30, 2026

PyTiAbi - Python Src Level Obf

The file is built by a free Vietnamese obfuscator that credits itself as "AnhNguyenCoder x Mano x Duy Nhật(Ligga)" and brands its classes __PyTiㅤAbi__. In this post I want to...

13 min read
CAPTCHAS·May 23, 2026

CFSolver: A Small Browser As Mint Cloudflare Turnstile Solver

This is my first time reverse engineering a captcha, so some of the technical claims in this article might be wrong. If Cloudflare wants this post taken down, I will...

8 min read

What We Do

Two tracks: free research, paid tools.

The research stays open. The tools we'd want to buy ourselves are what we plan to sell.

Open Access

The research

Everything we publish — malware writeups, YARA rules, reverse-engineering notes — lives in a public GitHub repo. No paywall, no signup, no email capture.

  • Stealer, crypter, and loader breakdowns
  • Full writeups with samples and indicators
  • YARA rules you can drop into your stack
  • Free, forever — that's the deal
Coming Soon

The tools

A protection SDK, automated unpackers, and analysis utilities — the same engineering, productized. Sold separately when they're ready, not before.

  • Threat analysis utilities
  • Automated unpackers and extractors
  • Software protection SDK
  • RE accelerators

Commercial license — priced independently

Network

Join Our Community

Discord

Chat with us and other researchers

Telegram

New writeups posted as we ship them

Also on: