Suite of IDA scripts for SEGA Genesis ROM hacking https://github.com/zznop/ida-genesis #reverse #ida #dukeBarman
GitHub
GitHub - zznop/ida-genesis: Suite of IDA scripts for SEGA Genesis ROM hacking
Suite of IDA scripts for SEGA Genesis ROM hacking. Contribute to zznop/ida-genesis development by creating an account on GitHub.
Ghidra - Journey from Classified NSA Tool to Open Source https://www.youtube.com/watch?v=kx2xp7IQNSc #reverse #ghidra #dukeBarman
YouTube
Ghidra - Journey from Classified NSA Tool to Open Source
This year was a momentous one for the National Security Agency (NSA) as we released our game-changing software reverse engineering (SRE) framework to the open source community: Ghidra. This was a long and arduous process and we want to give Black Hat attendees…
A Deep Dive Into Samsung's TrustZone (Part 2) https://blog.quarkslab.com/a-deep-dive-into-samsungs-trustzone-part-2.html #reverse #android #dukeBarman
Quarkslab
A Deep Dive Into Samsung's TrustZone (Part 2) - Quarkslab's blog
In this second blog post of our series on Samsung's TrustZone, we present the various tools that we have developed during our research to help us reverse engineer and exploit Trusted Applications as well as Secure Drivers.
r2con2019 - Windows Malware Analysis with r2 for Beginner https://www.youtube.com/watch?v=DnZLy_sq-nY #reverse #malware #radare2 #r2con #dukeBarman
YouTube
r2con2019 - Windows Malware Analysis with r2 for Beginner
Abraham Pasamar
This talk is intended as a guide for assistants to understand how to start analysing a PE malware binary.
AFL++2.59c released https://github.com/vanhauser-thc/AFLplusplus/releases/tag/2.59c #fuzzing #dukeBarman
GitHub
Release 2.59c · AFLplusplus/AFLplusplus
Version ++2.59c (release):
qbdi_mode: fuzz android native libraries via QBDI framework
unicorn_mode: switched to the new unicornafl, thanks domenukk
(see https://github.com/vanhauser-thc/unicorn)
...
Material for a RE 101 class on Intel x64 binaries https://github.com/0xdidu/Reverse-Engineering-Intel-x64-101 #reverse #IDA #dukeBarman
GitHub
GitHub - 0xdidu/Reverse-Engineering-Intel-x64-101: Material for a RE 101 class on Intel x64 binaries
Material for a RE 101 class on Intel x64 binaries. Contribute to 0xdidu/Reverse-Engineering-Intel-x64-101 development by creating an account on GitHub.
Amlogic S905 SoC: bypassing the (not so) Secure Boot to dump the BootROM https://fredericb.info/2016/10/amlogic-s905-soc-bypassing-not-so.html #reverse #dukeBarman
fred's notes
Amlogic S905 SoC: bypassing the (not so) Secure Boot to dump the BootROM
The Amlogic S905 System-On-Chip is an ARM processor designed for video applications. It's widely used in Android/Kodi media boxes. The SoC implements the TrustZone security extensions to run a Trusted Execution Environment (TEE) that enables DRM & other security…
Here Be Dragons: Reverse Engineering with #Ghidra - Part 1 [Data, Functions & Scripts] https://www.shogunlab.com/blog/2019/12/22/here-be-dragons-ghidra-1.html #reverse #dukeBarman
Shogun Lab 将軍ラボ
Here Be Dragons: Reverse Engineering with Ghidra - Part 1 [Data, Functions & Scripts]
Welcome to the second part in a tutorial series on reverse engineering Windows binaries with Ghidra! In this post, we’ll be building on the concepts we learned in Part 0 and introduce some new topics
Reverse Engineering Go, Part II https://blog.osiris.cyber.nyu.edu/2019/12/19/ugo-ghidra-plugin/ #reverse #ghidra #dukeBarman
5 Ways to patch binaries with Cutter https://www.megabeets.net/5-ways-to-patch-binaries-with-cutter/ #reverse #radare2 #dukeBarman
Megabeets
5 Ways to patch binaries with Cutter
Cutter is a strong and modern Reverse Engineering framework that makes patching binaries a simple task - here are 5 ways to do so.
Porting guide from 6.* to 7.4 for IDAPython scripts https://www.hex-rays.com/products/ida/support/ida74_idapython_no_bc695_porting_guide.shtml #reverse #ida #dukeBarman
Hex-Rays
Porting guide for IDA 7.4 turning off IDA 6.x API backwards-compatibility by default | Hex-Rays Docs
Call for papers for 4th yearly conference of DC7831 in Nizhniy Novgorod
On February 15-16, 2020 our local DEF CON community is going to host our 4th yearly meetup (number 0x0C) as a full-scale 2-day conference. The event will happen in Nizhniy Novgorod, exact venue location will be announced later.
We invite speakers to make a talk or a workshop in the field of practical information security and hacking. We'd be glad to hear topics from both offensive and defensive perspectives. Examples of broad topics:
- Attacks against web services
- Vulnerabilities in networking protocols
- Vulnerabilities in operating systems components
- Attacks against hardware
- Secure development practices
- Security audit methods
Also we'd be glad to hear about cryptography and security of cryptocurrencies, anonymous networks and other advanced and hacking topics. If you have something to talk about, don't hesitate to contact us:
telegram: @wsnark
email: wsnark 'at' tuta.io
Deadline: 1st of February, 2020
Talks can be performed in Russian or English.
We can help speakers with organizing their trip (tickets, hotel).
How it was last year: https://defcon-nn.ru/0x0A/
fn_fuzzy.py - IDAPython script for fast multiple binary diffing triage https://github.com/TakahiroHaruyama/ida_haru/tree/master/fn_fuzzy #reverse #ida #dukeBarman
GitHub
ida_haru/fn_fuzzy at master · TakahiroHaruyama/ida_haru
scripts/plugins for IDA Pro. Contribute to TakahiroHaruyama/ida_haru development by creating an account on GitHub.
JEB 3.7.0 Merry Xmas Edition by DimitarSerg
1. Maximum license type (copying, scripts, etc. work now).
2. Fixed integrity check #1.
3. Fixed integrity check #2.
4. All the telemetry has been cut out.
5. Removed the update checks and other shit that tries to connect to the Internet.
6. Added/reconstructed saving/loading project function.
7. Decompilation of missing opcodes for Android has been restored.
8. Restored display of variable values when hovering over them during debugging (Android).
9. Decompiling for other platforms was fixed (tested x86/x64, webAssembly, MIPS, ARM).
Instruction:
1. Replace the original JEB.jar with fixed.
2. Register it with Keygen (run it: java Keygen)
https://forum.reverse4you.org/t/11035
#re #mobile #tools #jeb #DimitarSerg
Suite of plugins that provide the ability to transfer analysis data between Binary Ninja and IDA https://github.com/zznop/bnida #reverse #ida #binaryninja #dukeBarman
GitHub
GitHub - zznop/bnida: Transfer analysis data between Binary Ninja and IDA
Transfer analysis data between Binary Ninja and IDA - zznop/bnida
Intel Processor Trace for System Management Mode (ring-2) code tracing.
English: https://sysenter-eip.github.io/intel_pt_smm
Russian: https://habr.com/en/company/dsec/blog/481692
#reverse #hardware #dukeBarman
Habr
Using Intel Processor Trace to trace System Management Mode code
This article is devoted to testing whether Intel Processor Trace (Intel PT) technology can be used to record a trace in System Management Mode (SMM). The work was carried out as part of the Summer...
Another XMas release - frida-fuzzer v1.2 https://github.com/andreafioraldi/frida-fuzzer/releases/tag/1.2 #reverse #fuzzing #frida #dukeBarman
GitHub
Release Release 1.2 · andreafioraldi/frida-fuzzer
Fuzzer queue cached in the process to minimize the exchanged messages and speedup remote fuzzing (e.g. Android via adb)
Stalker transform in CModule to speedup not-x64 targets
Support to fuzzer dic...