Opening Up the Samsung Q60 series smart TV https://labs.f-secure.com/blog/samsung-q60r-smart-tv-opening-up-the-samsung-q60-series-smart-tv/ #reverse #hardware #dukeBarman
Industry Standards to Support Supply Chain Risk Management for Firmware by NSA team https://published-prd.lanyonevents.com/published/rsaus20/sessionsFiles/18108/2020_USA20_SBX1-R1_01_Industry-Standards-to-Support-Supply-Chain-Risk-Management-for-Firmware.pdf #reverse #hardware #dukeBarman
Security analysis of memory tagging https://github.com/microsoft/MSRC-Security-Research/blob/master/papers/2020/Security%20analysis%20of%20memory%20tagging.pdf #reverse #exploitation #windows #dukeBarman
Canadian Furious Beaver is a tool for hijacking IRPs handler in Windows drivers https://github.com/hugsy/CFB #exploitation #windows #dukeBarman
Introduction to Malware Analysis and Reverse Engineering by the University of Cincinnati (many videos and other useful materials) https://class.malware.re/ #reverse #malware #dukeBarman
Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI
Article: https://blog.can.ac/2019/10/19/byepg-defeating-patchguard-using-exception-hooking/
Git: https://github.com/can1357/ByePg
#re #patchguard #bypass #windows #hvci #darw1n
XNU heap exploitation https://tihmstar.net/slides/XNU-heap-exploitation.pdf #exploitation #ios #nullcon #reverse #dukeBarman
Putting it all together: Building an iOS jailbreak from scratch (presented at Nullcon Goa 2020) https://speakerdeck.com/ur0/putting-it-all-together-building-an-ios-jailbreak-from-scratch #ios #exploitation #jailbreak #dukeBarman
Fuzzing Error Handling Code using Context-Sensitive Software Fault Injection
https://www-users.cs.umn.edu/~kjlu/papers/fifuzz.pdf #fuzzing #dukeBarman
Malware Evasion Encyclopedia, which documents over 50 techniques used by various malware families to detect virtualized and sandboxed environments.
https://evasions.checkpoint.com/
#re #malware #antivm #detection #redteam #darw1n
InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date detection and evasion techniques as well as fixes for them.
https://github.com/CheckPointSW/InviZzzible
#re #malware #antivm #detection #redteam #darw1n
Analysis of Latest Android Binder vulnerability (CVE-2020-0041)
Article:
https://www.synacktiv.com/posts/exploit/binder-analysis-and-exploitation-of-cve-2020-0041.html
Slides:
https://www.synacktiv.com/ressources/thcon2020_binder.pdf
#re #expdev #android #cve #mobile #darw1n
Play fuzzing machine - hunting iOS/macOS kernel vulnerabilities automatically and smartly.
https://www.virusbulletin.com/virusbulletin/2020/03/vb2019-paper-play-fuzzing-machine-hunting-iosmacos-kernel-vulnerabilities-automatically-and-smartly/
#re #expdev #fuzzing #ios #macos #mobile #darw1n
Reversing Firmware With Radare https://www.bored-nerds.com/reversing/radare/automotive/2019/07/07/reversing-firmware-with-radare.html #reverse #radare2 #hardware #newbie #dukeBarman
Reversing Maldev.exe with Ghidra https://www.youtube.com/watch?v=uPlrtfnshGs #reverse #malware #ghidra #dukeBarman
Zelos (Zeropoint Emulated Lightweight Operating System) is a python-based binary emulation platform https://github.com/zeropointdynamics/zelos #reverse #dukeBarman