innovixus.tech
Request engagement →
INDEPENDENT PRACTICE · BUDAPEST, HU · ACCEPTING Q3 2026 ENGAGEMENTS

Adversary-grade
reverse engineering,
one engineer deep.

innovixus.tech is a Budapest-based reverse engineering practice. The work: native binaries, drivers, and untrusted code that ship inside modern desktop and mobile apps — examined, instrumented, and documented in writing. Engagements are taken one at a time.

Brief us on a binary See methodology
/01
A single engineer on every engagement, end to end.
/02
Fixed scope, written report, reproducible findings.
/03
Coordinated disclosure on the client's terms.
§ 01

What we are paid to find.

Two practice areas. Both billed against a fixed scope of work, both delivered with a written report suitable for engineering, legal, or board review. Engagements are taken one at a time.

A

Malware analysis

Triage and full reversing of suspicious native binaries — Windows PE, macOS Mach-O, Linux ELF, Android APK, iOS IPA — pulled from incidents, customer endpoints, or bundled third-party SDKs. Each engagement closes with a written account of behavior, network indicators, observed impact, and detection guidance.

  • ·Static + dynamic behavioral analysis
  • ·IOC + Yara + Sigma rule packages
  • ·Supply-chain compromise reconstruction
  • ·Incident-response handoff to your SOC
B

Vulnerability research

Offensive review of native applications — first-party products or third-party dependencies. Source-assisted or pure black-box, across desktop and mobile. Fuzz harnesses, scaled execution, root-cause analysis, and coordinated-disclosure-ready writeups under contracted terms.

  • ·Pre-release security review
  • ·Coverage-guided fuzzing campaigns
  • ·Exploit primitive identification + PoC
  • ·Coordinated disclosure & vendor liaison
§ 02

How an engagement runs.

Five phases. Every artifact moves through them in order. No phase begins without sign-off on the previous one's deliverable.