A survey of recent iOS kernel exploits
https://googleprojectzero.blogspot.com/2020/06/a-survey-of-recent-ios-kernel-exploits.html?m=1
#exploitation #ios #jeisonwi
Posted by Brandon Azad, Project Zero. I recently found myself wishing for a single online reference providing a brief summary of the high...
Python winappdbg RE Video Tutorial Series https://www.youtube.com/playlist?list=PLKwUZp9HwWoDCm0qqSyXtZqfmbFahmDfn #video #reverse #debugger #dukeBarman
Python package to parse ARM Specification Language code https://github.com/alehed/aslutils #reverse #dukeBarman
gramfuzz is a grammar-based fuzzer that lets one define complex grammars to generate text and binary data formats.
Official site: https://d0c-s4vage.github.io/gramfuzz/
Source: https://github.com/d0c-s4vage/gramfuzz
#fuzzing #dukeBarman
WinDivert is a user-mode packet interception library for Windows 7, Windows 8 and Windows 10. It enables user-mode capturing/modifying/dropping of network packets sent to/from the Windows network stack.
https://github.com/basil00/Divert
#tools #pentest #packets #windows #darw1n
SheLLVM is a collection of LLVM transform and analysis passes for writing shellcode (in other words, position-independent "load anywhere and jump to the beginning" machine code) in regular C.
https://github.com/SheLLVM/SheLLVM
#tools #reverse #shellcode #llvm #darw1n
Understanding and Abusing Process Tokens – Part I
https://medium.com/@seemant.bisht24/understanding-and-abusing-access-tokens-part-ii-b9069f432962
Understanding and Abusing Access Tokens – Part II
https://medium.com/@seemant.bisht24/understanding-and-abusing-access-tokens-part-ii-b9069f432962
#malware #reverse #lpe #windows #internals #darw1n
Now, considering the knowledge gained earlier in Part I, let's understand SeImpersonatePrivilege which the administrator account has by…
CVE-2020-1054 Analysis https://0xeb-bp.github.io/blog/2020/06/15/cve-2020-1054-analysis.html #exploitation #dukeBarman
Symbolic execution with SYMCC http://www.s3.eurecom.fr/tools/symbolic_execution/symcc.html
Article: http://www.s3.eurecom.fr/docs/usenixsec20_symcc.pdf
Source: https://github.com/eurecom-s3/symcc
#reverse #fuzzing #dukeBarman
Hexrays Toolbox - Find code patterns within the Hexrays AST https://github.com/patois/HexraysToolbox #reverse #IDA #dukeBarman
A Ghidra processor module for the EFI Byte Code (EBC) https://github.com/meromwolff/Ghidra-EFI-Byte-Code-Processor #reverse #uefi #hardware #ghidra #dukeBarman
IDA Pro 7.5 SP1 released https://www.hex-rays.com/blog/ida-pro-7-5-sp1-released/ #reverse #ida #dukeBarman
Tools used during the reversing of the Nikon firmware https://github.com/simeonpilgrim/nikon-firmware-tools #reverse #hardware #ida #dukeBarman
Cracking BattlEye packet encryption
https://secret.club/2020/06/19/battleye-packet-encryption.html
#reverse #jeisonwi
Recently, Battlestate Games, the developers of Escape From Tarkov, hired BattlEye to implement encryption on networked packets so that cheaters can't capture these packets, parse them and use them for their advantage in the form of radar cheats, or otherwise…
tiny_tracer - A Pin Tool for tracing API calls etc https://github.com/hasherezade/tiny_tracer #reverse #dbi #dukeBarman
The Intezer Analyze IDA Pro plugin is now available to community users https://intezer.com/blog/intezer-analyze/ida-pro-plugin-now-available-to-the-community/ #reverse #ida #malware #dukeBarman
Accelerate reverse engineering by enriching every function of disassembled machine code with info about where the code was seen previously.