Analysis of Tencent Legu: a packer for Android applications https://blog.quarkslab.com/a-glimpse-into-tencents-legu-packer.html #reverse #android #dukeBarman
Quarkslab
A Glimpse Into Tencent's Legu Packer - Quarkslab's blog
FIDL - A sane API for IDA Pro's decompiler (library wrapping the Hex-Rays API)
Article: https://www.fireeye.com/blog/threat-research/2019/11/fidl-flare-ida-decompiler-library.html
Source: https://github.com/fireeye/FIDL
#reverse #IDA #dukeBarman
Researcher patois updated his #IDA plugins with Python 3 support
- https://github.com/patois/IDACyber (Data Visualization Plugin)
- https://github.com/patois/genmc (display Hex-Rays Microcode)
- https://github.com/patois/IDAPyHelper (script template)
- https://github.com/patois/xray (colorizes and filters the decompiler's output based on regular expressions)
- https://github.com/patois/mrspicky (helps auditing calls to the memcpy() and memmove() functions)
#reverse #dukeBarman
GitHub
GitHub - patois/IDACyber: Data Visualization Plugin for IDA Pro
Kali Linux 2019.4 Release
2019.4 includes some exciting new updates:
- A new default desktop environment, Xfce
- New GTK3 theme (for Gnome and Xfce)
- "Kali Undercover" mode
- Kali Documentation has a new home and is now Git powered
- Public Packaging – getting your tools into Kali
- Kali NetHunter KeX – Full Kali desktop on Android
- BTRFS during setup
- Added PowerShell
- The kernel is upgraded to version 5.3.9
- … Plus the normal bug fixes and updates.
https://www.kali.org/news/kali-linux-2019-4-release/ #dukeBarman
Kali Linux
Kali Linux 2019.4 Release (Xfce, Gnome, GTK3, Kali-Undercover, Kali-Docs, KeX, PowerShell & Public Packaging) | Kali Linux Blog
Time to grab yourself a drink, this will take a while!
We are incredibly excited to announce our fourth and final release of 2019, Kali Linux 2019.4, which is available immediately for download.
2019.4 includes some exciting new updates:…
How to make LLDB a real debugger https://reverse.put.as/2019/11/19/how-to-make-lldb-a-real-debugger/ #reverse #debugger #dukeBarman
Reverse Engineering
How to make LLDB a real debugger
These days the de facto debugger in macOS is LLDB. Apple’s old gdb fork doesn’t work anymore and the GNU gdb version is better these days but still quite meh (in the past it couldn’t deal with fat binary targets and I still think this holds true). So we are…
[Redhat2019] Kaleidoscope - use honggfuzz and qemu binary instrumentation for CTFs http://matshao.com/2019/11/11/Redhat2019-Kaleidoscope/ #reverse #CTF #dukeBarman
Mid Station
[Redhat2019] Kaleidoscope
This is the third consecutive year I have taken part in the Red Hat Cup in Guangdong province, and the quality of the challenges has clearly improved with every edition. Seeing this Kaleidoscope challenge was a pleasant surprise, and it also made me realise how high the bar for domestic CTF competitions has become. As a challenge adapted from an interpreter, it is fairly hard to solve with traditional reverse-engineering methods, so I am sharing how I used fuzzing to find the bug in the challenge, followed by the analysis and exploitation. This challenge is from a CTF game of Guangdong province, China. It
WebRTC Security, Fuzzing, and more! (by natashenka) https://www.youtube.com/watch?v=-qdHAvPSRoo #reverse #fuzzing #dukeBarman
YouTube
WebRTC Security, Fuzzing, and more!
With increased usage of audio/video on our personal devices, concern with privacy and security rises. Project Zero is a Google-led initiative on WebRTC security and how to secure your application.
IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code https://github.com/fboldewin/COM-Code-Helper #reverse #IDA #dukeBarman
GitHub
GitHub - fboldewin/COM-Code-Helper: Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code
Gynvael's Reversing Challenge Writeup https://sudhackar.github.io/blog/gynvael-reversing-challenge-writeup #reverse #ctf #dukeBarman
sudhackar.github.io
Gynvael’s Reversing Challenge Writeup
gynvael submitted a challenge for winja CTF which was held onsite at Nullcon 2018. AFAIK no team there was able to solve it.
Solving a Hackfest2019 CTF challenge using #Radare2, ltrace, and #Ghidra https://maxkersten.nl/binary-analysis-course/assembly-basics/practical-case-crack-me-0x03/ #reverse #ctf #dukeBarman
ZecOps Task-For-Pwn 0 Bounty: TFP0 POC on PAC-Enabled iOS Devices <= 12.4.2 https://blog.zecops.com/vulnerabilities/releasing-first-public-task-for-pwn0-tfp0-granting-poc-on-ios/ #reverse #ios #exploit #dukeBarman
Extending IDA processor modules for GDB debugging http://www.hexblog.com/?p=1371 #reverse #IDA #dukeBarman
IDA Pro Scripting Intro - Automate Dynamic Import Resolving for REvil Ransomware https://www.youtube.com/watch?v=R4xJou6JsIE #reverse #IDA #dukeBarman
YouTube
IDA Pro Scripting Intro - Automate Dynamic Import Resolving for REvil Ransomware
Join us for an introduction to IDA Python scripting. In this tutorial we automate resolving the dynamic imports for REvil ransomware.
Recover mutation chain from an AFL seed https://github.com/adrianherrera/afl-mutation-chain #fuzzing #dukeBarman
GitHub
GitHub - adrianherrera/afl-mutation-graph: Recover mutation graph from an AFL seed
MindShaRE: Hardware Reversing with the TP-Link TL-WR841N Router - Part 2 https://www.zerodayinitiative.com/blog/2019/12/2/mindshare-hardware-reversing-with-the-tp-link-tl-wr841n-router-part-2 #hardware #reverse #dukeBarman
Zero Day Initiative
Zero Day Initiative — MindShaRE: Hardware Reversing with the TP-Link TL-WR841N Router - Part 2
MindShaRE is our periodic look at various reverse engineering tips and tricks. The goal is to keep things small and discuss some everyday aspects of reversing. You can view previous entries in this series here.
Hashashin: A Fuzzy Matching Tool for Binary Ninja https://github.com/riverloopsec/hashashin #reverse #binaryninja #dukeBarman
GitHub
GitHub - riverloopsec/hashashin: Hashashin: A Fuzzy Matching Tool for Binary Ninja
DefCamp 2019 videos https://www.youtube.com/watch?v=H5U22ew4IJg&list=PLnwq8gv9MEKiUOgrM7wble1YRsrqRzHKq #conference #defcamp #dukeBarman
YouTube
Opening speech with EMMANUEL CHAUTARD at DefCamp 2019
DefCamp is the most important conference on Hacking & Information Security in Central and Eastern Europe, bringing hands-on talks about the latest research and practices from the INFOSEC field. Since 2011 it has been gathering decision makers, security specialists…
Extending Ghidra: from Script to Plugins and Beyond https://vimeo.com/377180466 #ghidra #reverse #dukeBarman
#r2con2019 - Who You Gonna Syscall? using automation to analyse protected iOS apps https://www.youtube.com/watch?v=qFLJjByneA4 #reverse #ios #dukeBarman
YouTube
r2con2019 - Who You Gonna Syscall? by Grant Douglas
Analyzing protected apps can be slow and painful and often you don't have a lot of time to spend on these activities. During this talk, we'll look at how we can use r2pipe to speed up some of the common tasks that help make reversing protected iOS apps even…