The 'S' in Zoom, Stands for Security uncovering (local) security flaws in Zoom's latest macOS client https://objective-see.com/blog/blog_0x56.html #exploit #macos #dukeBarman
objective-see.org
The 'S' in Zoom, Stands for Security
uncovering (local) security flaws in Zoom's latest macOS client
Extracted intel x86 microcode: Five Intel Microcode (uCode) Sequencer's arrays for Atom Goldmont https://github.com/chip-red-pill/glm-ucode #reverse #hardware #dukeBarman
GitHub
GitHub - chip-red-pill/glm-ucode: GLM uCode dumps
GLM uCode dumps . Contribute to chip-red-pill/glm-ucode development by creating an account on GitHub.
Extracting ROM constants from the 8087 math coprocessor's die http://www.righto.com/2020/05/extracting-rom-constants-from-8087-math.html #reverse #hardware #dukeBarman
Righto
Extracting ROM constants from the 8087 math coprocessor's die
Intel introduced the 8087 chip in 1980 to improve floating-point performance on the 8086 and 8088 processors, and it was used with the ori...
Writing an optimizing IL compiler, for dummies, by a dummy: 0x1 Symbolic Expressions Article: https://blog.can.ac/2020/04/11/writing-an-optimizing-il-compiler-for-dummies-by-a-dummy/ #reverse #dukeBarman
blog.can.ac
Writing an optimizing IL compiler, for dummies, by a dummy: 0x1 Symbolic Expressions
<p>Before I begin this series of blog posts, I would like to add a small disclaimer. I have no prior experience or academic knowledge when it comes to compiler development so I might not use the corre
VTIL Project - VTIL (Virtual-machine Translation Intermediate Language) Project is a set of tools that can be used for binary deobfuscation and devirtualization. https://github.com/vtil-project #reverse #dukeBarman
GitHub
VTIL Project
VTIL (Virtual-machine Translation Intermediate Language) Project is a set of tools that can be used for binary deobfuscation and devirtualization. - VTIL Project
InputScope - a tool that automatically detects both the execution context of user input validation and also the content involved in the validation, to automatically expose the secrets of interest https://github.com/OSUSecLab/InputScope #reverse #android #dukeBarman
GitHub
GitHub - OSUSecLab/InputScope: A tool that automatically detects both the execution context of user input validation and also theβ¦
A tool that automatically detects both the execution context of user input validation and also the content involved in the validation, to automatically expose the secrets of interest. - OSUSecLab/I...
Radare2 gui - Cutter team publishes Community Survey for 2020! π₯³ Whether you are using Cutter or not, plz, take 5 minutes to help developers improve Cutter for you https://cutter.re/cutter-community-survey-2020 #reverse #radare2 #dukeBarman
Cutter
Cutter Community Survey 2020
Our 2020 community survey is here and this is our opportunity to get to know you better.
Hacking Reolink cameras for fun and profit https://www.thirtythreeforty.net/posts/2020/05/hacking-reolink-cameras-for-fun-and-profit/ #reverse #hardware #ghidra #dukeBarman
www.thirtythreeforty.net
Hacking Reolink cameras for fun and profit
Dragging Reolink, kicking and screaming, into the light of the open-standards day
GhostDNS Source Code Leaked - analyse from Avast Team https://decoded.avast.io/simonamusilova/ghostdns-source-code-leaked/ #reverse #malware #dukeBarman
Documentation and notes on using the Hiew editor https://github.com/taviso/hiewdocs/ #reverse #dukeBarman
GitHub
GitHub - taviso/hiewdocs: Documentation and notes on using the Hiew editor.
Documentation and notes on using the Hiew editor. Contribute to taviso/hiewdocs development by creating an account on GitHub.
Reinventing Vulnerability Disclosure using Zero-knowledge Proofs https://blog.trailofbits.com/2020/05/21/reinventing-vulnerability-disclosure-using-zero-knowledge-proofs/ #exploitation #dukeBarman
The Trail of Bits Blog
Reinventing Vulnerability Disclosure using Zero-knowledge Proofs
We, along with our partner Matthew Green at Johns Hopkins University, are using zero-knowledge (ZK) proofs to establish a trusted landscape in which tech companies and vulnerability researchers can communicate reasonably with one another without fear of beingβ¦
MOpt-AFL provided by the paper "MOPT: Optimized Mutation Scheduling for Fuzzers" https://github.com/puppet-meteor/MOpt-AFL #fuzzing #dukeBarman
GitHub
GitHub - puppet-meteor/MOpt-AFL: MOpt-AFL provided by the paper "MOPT: Optimized Mutation Scheduling for Fuzzers"
MOpt-AFL provided by the paper "MOPT: Optimized Mutation Scheduling for Fuzzers" - puppet-meteor/MOpt-AFL
Safe-Linking β Eliminating a 20 year-old malloc() exploit primitive https://research.checkpoint.com/2020/safe-linking-eliminating-a-20-year-old-malloc-exploit-primitive/ #exploitation #dukeBarman
Check Point Research
Safe-Linking - Eliminating a 20 year-old malloc() exploit primitive - Check Point Research
Research by: Eyal Itkin Overview One of our goals for every research project we work on in Check Point Research is to get an intimate understanding of how software work: What components do they contain? Are they vulnerable? How can attackers exploit theseβ¦
idados debugger plugin (DOSBOX+IDA) https://github.com/lab313ru/idados_dosbox #reverse #ida #debugger #dukeBarman
GitHub
GitHub - lab313ru/idados_dosbox: idados debugger plugin (DOSBOX+IDA)
idados debugger plugin (DOSBOX+IDA). Contribute to lab313ru/idados_dosbox development by creating an account on GitHub.
Magic [probably] behind Hex-Rays https://engineering.avast.io/magic-probably-behind-hex-rays/ #reverse #ida #dukeBarman
Basics of hardware hacking - this course shows the basics of hardware hacking using password auhenticaton code as an example https://maldroid.github.io/hardware-hacking/ #reverse #hardware #dukeBarman
Basics of hardware hacking
Welcome!
This course shows the basics of hardware hacking using password auhenticaton code as an example.Created by @maldr0id
Batch Binary Analysis with IDA Pro 7.4 Automation http://irq5.io/2020/05/25/batch-binary-analysis-with-ida-pro-7-4-automation/ #reverse #ida #dukeBarman
irq5.io
Batch Binary Analysis with IDA Pro 7.4 Automation
It is easy to script analysis steps with IDAPython, but now we want to automate this analysis over, letβs say, 10,000 files. I did a quick Google and I couldnβt find a guide on how to pβ¦
One ring (zero) to rule them all (EDR reverse engineering) https://medium.com/@b1tst0rm/one-ring-zero-to-rule-them-all-9ec99d914c68 #reverse #windows #dukeBarman
Medium
One ring (zero) to rule them all.
Part 1
A LoRaWAN Securiy Evaluation Framework https://github.com/seemoo-lab/chirpotle #exploitation #dukeBarman
GitHub
GitHub - seemoo-lab/chirpotle: A LoRaWAN Security Evaluation Framework
A LoRaWAN Security Evaluation Framework. Contribute to seemoo-lab/chirpotle development by creating an account on GitHub.