Statically Reverse Engineering Shellcode: Emulation https://0ffset.net/reverse-engineering/malware-analysis/emulating-shellcode-communications/ #reverse #ida #dukeBarman
This post is a continuation from my last one, where we reverse engineered the second stage of the shellcode, and replicated the API hashing routine. If you haven’t checked out that post, you can check it out here, and the one before that here! In this post…
Extracting Embedded Payloads From Malware https://medium.com/@ryancor/extracting-embedded-payloads-from-malware-aaca8e9aa1a9 #reverse #malware #ida #dukeBarman
One of my all time favorite subfields of reverse engineering is the dissection of viruses. In this article I will be exploring malware…
The Art of Malware - Bringing the Dead back to life https://0x00sec.org/t/the-art-of-malware-bringing-the-dead-back-to-life/19599 #reverse #malware #dukeBarman
Opening Up the Samsung Q60 series smart TV https://labs.f-secure.com/blog/samsung-q60r-smart-tv-opening-up-the-samsung-q60-series-smart-tv/ #reverse #hardware #dukeBarman
Industry Standards to Support Supply Chain Risk Management for Firmware by NSA team https://published-prd.lanyonevents.com/published/rsaus20/sessionsFiles/18108/2020_USA20_SBX1-R1_01_Industry-Standards-to-Support-Supply-Chain-Risk-Management-for-Firmware.pdf #reverse #hardware #dukeBarman
Security analysis of memory tagging https://github.com/microsoft/MSRC-Security-Research/blob/master/papers/2020/Security%20analysis%20of%20memory%20tagging.pdf #reverse #exploitation #windows #dukeBarman
Security Research from the Microsoft Security Response Center (MSRC) - microsoft/MSRC-Security-Research
Canadian Furious Beaver is a tool for hijacking IRP handlers in Windows drivers https://github.com/hugsy/CFB #exploitation #windows #dukeBarman
Introduction to Malware Analysis and Reverse Engineering by University of Cincinnati (a lot of videos and other useful materials) https://class.malware.re/ #reverse #malware #dukeBarman
Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI
Article: https://blog.can.ac/2019/10/19/byepg-defeating-patchguard-using-exception-hooking/
Git: https://github.com/can1357/ByePg
#re #patchguard #bypass #windows #hvci #darw1n
ByePg: Defeating Patchguard using Exception-hooking
Now I know what you are thinking, exception hooks? …in kernel-mode? Yes, it certainly is not as easy as a mere call to …
XNU heap exploitation https://tihmstar.net/slides/XNU-heap-exploitation.pdf #exploitation #ios #nullcon #reverse #dukeBarman
Putting it all together: Building an iOS jailbreak from scratch https://speakerdeck.com/ur0/putting-it-all-together-building-an-ios-jailbreak-from-scratch #ios #exploitation #jailbreak #dukeBarman
Presented at Nullcon Goa 2020.
iOS jailbreaks have always been shrouded in mystery, with their inner workings known only to a select few. In this talk, I embark upon a journey with the audience to lift the curtain and put together a semi-untethered iOS…
Fuzzing Error Handling Code using Context-Sensitive Software Fault Injection
https://www-users.cs.umn.edu/~kjlu/papers/fifuzz.pdf #fuzzing #dukeBarman
Malware Evasion Encyclopedia, which contains over 50 techniques used by various malware families to detect virtualized and sandboxed environments.
https://evasions.checkpoint.com/
#re #malware #antivm #detection #redteam #darw1n
InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date detection and evasion techniques as well as fixes for them.
https://github.com/CheckPointSW/InviZzzible
#re #malware #antivm #detection #redteam #darw1n
Analysis of Latest Android Binder vulnerability (CVE-2020-0041)
Article:
https://www.synacktiv.com/posts/exploit/binder-analysis-and-exploitation-of-cve-2020-0041.html
Slides:
https://www.synacktiv.com/ressources/thcon2020_binder.pdf
#re #expdev #android #cve #mobile #darw1n
Play fuzzing machine – hunting iOS/macOS kernel vulnerabilities automatically and smartly.
https://www.virusbulletin.com/virusbulletin/2020/03/vb2019-paper-play-fuzzing-machine-hunting-iosmacos-kernel-vulnerabilities-automatically-and-smartly/
#re #expdev #fuzzing #ios #macos #mobile #darw1n
Since iOS 10, Apple has released the unpacked/decrypted kernel cache (*.ipsw), but the system source code, in particular the kernel and driver parts, remains closed-source. What is more, symbol info in the binary (kernel cache) has been greatly removed, which…
Reversing Firmware With Radare https://www.bored-nerds.com/reversing/radare/automotive/2019/07/07/reversing-firmware-with-radare.html #reverse #radare2 #hardware #newbie #dukeBarman
Hello everyone! Here’s a quick guide on reversing firmware w/ radare. Or, rather, loading firmware into radare; the process of reversing software in any disassembler is a little beyond the scope of any one blog post.