Using Memory Artifacts As Shellcode Emulation Environment (ft. Unicorn Framework) https://darungrim.com/research/2020-06-04-UsingMemoryArtifactsAsShellcodeEmulationEnvironment.html #exploitation #dukeBarman
"Disassembling Link’s Awakening" - reversing games for gameboy https://kemenaran.winosx.com/posts/category-disassembling-links-awakening/ #reverse #dukeBarman
A lightweight dynamic instrumentation library https://github.com/googleprojectzero/TinyInst #reverse #dukeBarman
abyss - IDAPython Plugin for Postprocessing of Hexrays Decompiler Output https://github.com/patois/abyss #ida #reverse #dukeBarman
An integration for IDA and VS Code which connects both to easily execute and debug IDAPython scripts https://github.com/ioncodes/idacode #reverse #ida #dukeBarman
On June 10 there will be an online meeting (in Russian) on information security from Digital Security.
In addition to presentations at the meeting there will be a small online CTF and a Kahoot game with gifts.
Starts at 17:00, ends at 21:00.
Registration required (it’s free).
https://digital-securityi-serv.timepad.ru/event/1313810/ #event #darw1n
Defeating Stack Canary, PIE and DEP on remote 64 bit server with byte wise bruteforce https://www.ret2rop.com/2020/05/canary-pie-byte-bruteforce.html #exploitation #dukeBarman
A survey of recent iOS kernel exploits
https://googleprojectzero.blogspot.com/2020/06/a-survey-of-recent-ios-kernel-exploits.html?m=1
#exploitation #ios #jeisonwi
Python winappdbg RE Video Tutorial Series https://www.youtube.com/playlist?list=PLKwUZp9HwWoDCm0qqSyXtZqfmbFahmDfn #video #reverse #debugger #dukeBarman
Python package to parse ARM Specification Language code https://github.com/alehed/aslutils #reverse #dukeBarman
gramfuzz is a grammar-based fuzzer that lets one define complex grammars to generate text and binary data formats.
Official site: https://d0c-s4vage.github.io/gramfuzz/
Source: https://github.com/d0c-s4vage/gramfuzz
#fuzzing #dukeBarman
WinDivert is a user-mode packet interception library for Windows 7, Windows 8 and Windows 10. It enables user-mode capturing/modifying/dropping of network packets sent to/from the Windows network stack.
https://github.com/basil00/Divert
#tools #pentest #packets #windows #darw1n
SheLLVM is a collection of LLVM transform and analysis passes to write shellcode (or, in other words, position-independent "load anywhere and jump to the beginning" machine code) in regular C.
https://github.com/SheLLVM/SheLLVM
#tools #reverse #shellcode #llvm #darw1n
Understanding and Abusing Process Tokens — Part I
https://medium.com/@seemant.bisht24/understanding-and-abusing-access-tokens-part-ii-b9069f432962
Understanding and Abusing Access Tokens — Part II
https://medium.com/@seemant.bisht24/understanding-and-abusing-access-tokens-part-ii-b9069f432962
#malware #reverse #lpe #windows #internals #darw1n
CVE-2020-1054 Analysis https://0xeb-bp.github.io/blog/2020/06/15/cve-2020-1054-analysis.html #exploitation #dukeBarman
Symbolic execution with SYMCC http://www.s3.eurecom.fr/tools/symbolic_execution/symcc.html
Article: http://www.s3.eurecom.fr/docs/usenixsec20_symcc.pdf
Source: https://github.com/eurecom-s3/symcc
#reverse #fuzzing #dukeBarman