Analyzing ELF Binaries with Malformed Headers (using r2 and new emulation framework - qiling)
https://binaryresearch.github.io/2019/09/17/Analyzing-ELF-Binaries-with-Malformed-Headers-Part-1-Emulating-Tiny-Programs.html
https://binaryresearch.github.io/2019/12/11/Analyzing-ELF-Binaries-with-Malformed-Headers-Part-2-Mapping-Program-Logic-with-Qiling-and-Graphviz.html
#reverse #dukeBarman
Binary Research
Analyzing ELF Binaries with Malformed Headers Part 1 - Emulating Tiny Programs
A simple but often effective method for complicating or preventing analysis of an ELF binary by many common tools (gdb, readelf, pyelftools, etc) is mangling, damaging or otherwise manipulating values in the ELF header such that the tool parsing the header…
Launch radare2 from pwntools in tmux https://github.com/ps1337/pwntools-r2 #reverse #radare2 #dukeBarman
GitHub
GitHub - ps1337/pwntools-r2: Launch radare2 like a boss from pwntools in tmux
Launch radare2 like a boss from pwntools in tmux. Contribute to ps1337/pwntools-r2 development by creating an account on GitHub.
Suite of IDA scripts for SEGA Genesis ROM hacking https://github.com/zznop/ida-genesis #reverse #ida #dukeBarman
GitHub
GitHub - zznop/ida-genesis: Suite of IDA scripts for SEGA Genesis ROM hacking
Suite of IDA scripts for SEGA Genesis ROM hacking. Contribute to zznop/ida-genesis development by creating an account on GitHub.
Ghidra - Journey from Classified NSA Tool to Open Source https://www.youtube.com/watch?v=kx2xp7IQNSc #reverse #ghidra #dukeBarman
YouTube
Ghidra - Journey from Classified NSA Tool to Open Source
This year was a momentous one for the National Security Agency (NSA) as we released our game-changing software reverse engineering (SRE) framework to the open source community: Ghidra. This was a long and arduous process and we want to give Black Hat attendees…
A Deep Dive Into Samsung's TrustZone (Part 2) https://blog.quarkslab.com/a-deep-dive-into-samsungs-trustzone-part-2.html #reverse #android #dukeBarman
Quarkslab
A Deep Dive Into Samsung's TrustZone (Part 2) - Quarkslab's blog
In this second blog post of our series on Samsung's TrustZone, we present the various tools that we have developed during our research to help us reverse engineer and exploit Trusted Applications as well as Secure Drivers.
r2con2019 - Windows Malware Analysis with r2 for Beginner https://www.youtube.com/watch?v=DnZLy_sq-nY #reverse #malware #radare2 #r2con #dukeBarman
YouTube
r2con2019 - Windows Malware Analysis with r2 for Beginner
Abraham Pasamar
This talk is intended as a guide for assistants to understand how to start analysing a PE malware binary.
AFL++2.59c released https://github.com/vanhauser-thc/AFLplusplus/releases/tag/2.59c #fuzzing #dukeBarman
GitHub
Release 2.59c · AFLplusplus/AFLplusplus
Version ++2.59c (release):
qbdi_mode: fuzz android native libraries via QBDI framework
unicorn_mode: switched to the new unicornafl, thanks domenukk
(see https://github.com/vanhauser-thc/unicorn)
...
Material for a RE 101 class on Intel x64 binaries https://github.com/0xdidu/Reverse-Engineering-Intel-x64-101 #reverse #IDA #dukeBarman
GitHub
GitHub - 0xdidu/Reverse-Engineering-Intel-x64-101: Material for a RE 101 class on Intel x64 binaries
Material for a RE 101 class on Intel x64 binaries. Contribute to 0xdidu/Reverse-Engineering-Intel-x64-101 development by creating an account on GitHub.
Amlogic S905 SoC: bypassing the (not so) Secure Boot to dump the BootROM https://fredericb.info/2016/10/amlogic-s905-soc-bypassing-not-so.html #reverse #dukeBarman
fred's notes
Amlogic S905 SoC: bypassing the (not so) Secure Boot to dump the BootROM
The Amlogic S905 System-On-Chip is an ARM processor designed for video applications. It's widely used in Android/Kodi media boxes. The SoC implements the TrustZone security extensions to run a Trusted Execution Environment (TEE) that enables DRM & other security…
Here Be Dragons: Reverse Engineering with #Ghidra - Part 1 [Data, Functions & Scripts] https://www.shogunlab.com/blog/2019/12/22/here-be-dragons-ghidra-1.html #reverse #dukeBarman
Shogun Lab 将軍ラボ
Here Be Dragons: Reverse Engineering with Ghidra - Part 1 [Data, Functions & Scripts]
Welcome to the second part in a tutorial series on reverse engineering Windows binaries with Ghidra! In this post, we'll be building on the concepts we learned in Part 0 and introduce some new topics
Reverse Engineering Go, Part II https://blog.osiris.cyber.nyu.edu/2019/12/19/ugo-ghidra-plugin/ #reverse #ghidra #dukeBarman
5 Ways to patch binaries with Cutter https://www.megabeets.net/5-ways-to-patch-binaries-with-cutter/ #reverse #radare2 #dukeBarman
Megabeets
5 Ways to patch binaries with Cutter
Cutter is a strong and modern Reverse Engineering framework that makes patching binaries a simple task - here are 5 ways to do so.
Porting guide from 6.* to 7.4 for IDAPython scripts https://www.hex-rays.com/products/ida/support/ida74_idapython_no_bc695_porting_guide.shtml #reverse #ida #dukeBarman
Hex-Rays
Porting guide for IDA 7.4 turning off IDA 6.x API backwards-compatibility by default | Hex-Rays Docs
Call for papers for 4th yearly conference of DC7831 in Nizhniy Novgorod
On February 15-16, 2020 our local DEF CON community is going to host our 4th yearly meetup (number 0x0C) as a full-scale 2-day conference. The event will happen in Nizhniy Novgorod; the exact venue location will be announced later.
We invite speakers to make a talk or a workshop in the field of practical information security and hacking. We'd be glad to hear topics from both offensive and defensive perspectives. Examples of broad topics:
- Attacks against web services
- Vulnerabilities in networking protocols
- Vulnerabilities in operating systems components
- Attacks against hardware
- Secure development practices
- Security audit methods
Also we'd be glad to hear about cryptography and security of cryptocurrencies, anonymous networks and other advanced and hacking topics. If you have something to talk about, don't hesitate to contact us:
telegram: @wsnark
email: wsnark 'at' tuta.io
Deadline: 1st of February, 2020
Talks can be performed in Russian or English.
We can help speakers with organizing their trip (tickets, hotel).
How it was last year: https://defcon-nn.ru/0x0A/
fn_fuzzy.py - IDAPython script for fast multiple binary diffing triage https://github.com/TakahiroHaruyama/ida_haru/tree/master/fn_fuzzy #reverse #ida #dukeBarman
GitHub
ida_haru/fn_fuzzy at master Β· TakahiroHaruyama/ida_haru
scripts/plugins for IDA Pro. Contribute to TakahiroHaruyama/ida_haru development by creating an account on GitHub.