Video and slides from #ZeroNights 2019 are published. Enjoy! https://zeronights.ru/en/materials-en/ #conference #dukeBarman
miasm v0.1.3 release. Now both python2 && python3 are supported!
https://github.com/cea-sec/miasm/releases #reverse #KosBeg
GitHub
Releases · cea-sec/miasm
Reverse engineering framework in Python. Contribute to cea-sec/miasm development by creating an account on GitHub.
Black Hat USA 2019 videos https://www.youtube.com/playlist?list=PLH15HpR5qRsWrfkjwFSI256x1u2Zy49VI #blackhat #bh #dukeBarman
New important ability in Cutter (radare2 gui) - debugger!
Some of the currently supported features:
‣ Multiplatform native debugger
‣ Remote debugging using GDB or WinDbg
‣ Kernel debugging
‣ Attaching to a process
‣ STDIO interaction with debuggee
‣ Stack, Registers, Backtrace, Memory map, breakpoints and more
‣ Support for multi-threading
‣ Stack and Registers inspection
‣ Backtrace
‣ and more ...
https://github.com/radareorg/cutter
P.S. The developers are waiting for your feedback!
#reverse #radare2 #debugger #dukeBarman
Analyzing ELF Binaries with Malformed Headers (using r2 and new emulation framework - qiling)
https://binaryresearch.github.io/2019/09/17/Analyzing-ELF-Binaries-with-Malformed-Headers-Part-1-Emulating-Tiny-Programs.html
https://binaryresearch.github.io/2019/12/11/Analyzing-ELF-Binaries-with-Malformed-Headers-Part-2-Mapping-Program-Logic-with-Qiling-and-Graphviz.html
#reverse #dukeBarman
Binary Research
Analyzing ELF Binaries with Malformed Headers Part 1 - Emulating Tiny Programs
A simple but often effective method for complicating or preventing analysis of an ELF binary by many common tools (gdb, readelf, pyelftools, etc) is mangling, damaging or otherwise manipulating values in the ELF header such that the tool parsing the header…
Launch radare2 from pwntools in tmux https://github.com/ps1337/pwntools-r2 #reverse #radare2 #dukeBarman
Suite of IDA scripts for SEGA Genesis ROM hacking https://github.com/zznop/ida-genesis #reverse #ida #dukeBarman
Ghidra - Journey from Classified NSA Tool to Open Source https://www.youtube.com/watch?v=kx2xp7IQNSc #reverse #ghidra #dukeBarman
YouTube
Ghidra - Journey from Classified NSA Tool to Open Source
This year was a momentous one for the National Security Agency (NSA) as we released our game-changing software reverse engineering (SRE) framework to the open source community: Ghidra. This was a long and arduous process and we want to give Black Hat attendees…
A Deep Dive Into Samsung's TrustZone (Part 2) https://blog.quarkslab.com/a-deep-dive-into-samsungs-trustzone-part-2.html #reverse #android #dukeBarman
Quarkslab
A Deep Dive Into Samsung's TrustZone (Part 2) - Quarkslab's blog
In this second blog post of our series on Samsung's TrustZone, we present the various tools that we have developed during our research to help us reverse engineer and exploit Trusted Applications as well as Secure Drivers.
r2con2019 - Windows Malware Analysis with r2 for Beginner https://www.youtube.com/watch?v=DnZLy_sq-nY #reverse #malware #radare2 #r2con #dukeBarman
YouTube
r2con2019 - Windows Malware Analysis with r2 for Beginner
Abraham Pasamar
This talk is intended as a guide for assistants to understand how to start analysing a PE malware binary.
AFL++2.59c released https://github.com/vanhauser-thc/AFLplusplus/releases/tag/2.59c #fuzzing #dukeBarman
GitHub
Release 2.59c · AFLplusplus/AFLplusplus
Version ++2.59c (release):
qbdi_mode: fuzz android native libraries via QBDI framework
unicorn_mode: switched to the new unicornafl, thanks domenukk
(see https://github.com/vanhauser-thc/unicorn)
...
Material for a RE 101 class on Intel x64 binaries https://github.com/0xdidu/Reverse-Engineering-Intel-x64-101 #reverse #IDA #dukeBarman
Amlogic S905 SoC: bypassing the (not so) Secure Boot to dump the BootROM https://fredericb.info/2016/10/amlogic-s905-soc-bypassing-not-so.html #reverse #dukeBarman
fred's notes
Amlogic S905 SoC: bypassing the (not so) Secure Boot to dump the BootROM
The Amlogic S905 System-On-Chip is an ARM processor designed for video applications. It's widely used in Android/Kodi media boxes. The SoC implements the TrustZone security extensions to run a Trusted Execution Environment (TEE) that enables DRM & other security…
Here Be Dragons: Reverse Engineering with #Ghidra - Part 1 [Data, Functions & Scripts] https://www.shogunlab.com/blog/2019/12/22/here-be-dragons-ghidra-1.html #reverse #dukeBarman
Shogun Lab 将軍ラボ
Here Be Dragons: Reverse Engineering with Ghidra - Part 1 [Data, Functions & Scripts]
Welcome to the second part in a tutorial series on reverse engineering Windows binaries with Ghidra! In this post, we’ll be building on the concepts we learned in Part 0 and introduce some new topics
Reverse Engineering Go, Part II https://blog.osiris.cyber.nyu.edu/2019/12/19/ugo-ghidra-plugin/ #reverse #ghidra #dukeBarman