IDA+Triton plugin in order to extract opaque predicates using a Forward-Bounded DSE (example with X-Tunnel) https://github.com/JonathanSalwan/X-Tunnel-Opaque-Predicates #ida #dukeBarman
XPN's RpcEnum but based on IDA instead of Ghidra https://github.com/tsarpaul/RpcEnumIDA #ida #dukeBarman
Reversing Cisco IOS Raw Binary Firmware Images with Ghidra https://gist.github.com/nstarke/ed0aba2c882b8b3078747a567ee00520 #ghidra #reverse #dukeBarman
Good news! New versions of #IDA will move to Python3 https://www.hex-rays.com/products/ida/support/ida74_idapython_python3.shtml #reverse #dukeBarman
Extract annotations from Ghidra into an x32dbg/x64dbg database https://github.com/revolver-ocelot-saa/GhidraX64Dbg #reverse #ghidra #dukeBarman
TaintInduce is a project which aims to automate the creation of taint propagation rules for unknown instruction sets. https://taintinduce.github.io/ #reverse #taint #dukeBarman
Attacking Hexagon: Security Analysis of Qualcomm's aDSP (RECON MONTREAL 2019) https://census-labs.com/news/2019/08/26/attacking-hexagon-security-analysis-of-qualcomms-adsp-recon-montreal-2019/ #reverse #dukeBarman
Attending Recon 2019 was an amazing experience with many interesting talks. I would like to thank the organizers for the excellent event and I definitely hope to return next year.
A very deep dive into iOS Exploit chains found in the wild https://googleprojectzero.blogspot.com/2019/08/a-very-deep-dive-into-ios-exploit.html #ios #jeisonwi
Posted by Ian Beer, Project Zero. Project Zero's mission is to make 0-day hard. We often work with other companies to find and report se...
Binary symbolic execution with KLEE-Native https://blog.trailofbits.com/2019/08/30/binary-symbolic-execution-with-klee-native/ #reverse #dukeBarman
KLEE-Native, a fork of KLEE that operates on binary program snapshots by lifting machine code to LLVM bitcode.
Zero To RCE In Two Days - Exploiting Zoom on macOS https://gsec.hitb.org/materials/sg2019/D1%20COMMSEC%20-%20Zero%20to%20RCE%20in%20Two%20Days%20-%20Exploiting%20Zoom%20On%20macOS%20-%20Michael%20Gianarakis%20&%20Sean%20Yeoh.pdf #macos #dukeBarman
Reverse Taint Analysis Using Binary Ninja https://blog.trailofbits.com/2019/08/29/reverse-taint-analysis-using-binary-ninja/ #reverse #dukeBarman
We open-sourced a set of static analysis tools, KRFAnalysis, that analyze and triage output from our system call (syscall) fault injection tool KRF. Now you can easily figure out where and why KRF crashes your programs. During my summer internship at Trail…
ROP On x64: What's ret2csu Again? https://bananamafia.dev/post/x64-rop-redpwn/ #radare2 #CTF #exploit #dukeBarman
Automated ROP Chain Integrity https://bannedit.github.io/Automated-ROP-Chain-Integrity.html#Automated-ROP-Chain-Integrity #exploit #dukeBarman
In software engineering, unit testing has become the norm. In the world of exploit development, testing and automation are lacking. This blog post will introduce a technique for automated testing of Return Oriented Programming (ROP) chain integrity. Admittedly…
lpe is a collection of verified Linux kernel exploits https://github.com/jollheef/lpe #exploit #dukeBarman
BinDiff wrapper script for multiple binary diffing https://github.com/TakahiroHaruyama/ida_haru/tree/master/bindiff #reverse #dukeBarman
IDA loader for Apple 64-bit SecureROM, based on _argp's iBoot64helper https://github.com/matteyeux/srom64helper #ida #reverse #dukeBarman
Note from the repo: use https://github.com/argp/iBoot64helper, which is the original repo and far more advanced.