Timeless Timing Attacks: Exploiting Concurrency to Leak Secrets over Remote Connections (Usenix 2020) - A conceptually novel type of timing attack that leverages the coalescing of packets by network protocols and concurrent handling of requests by applications https://tom.vg/papers/timeless-timing-attack_usenix2020.pdf #exploitation #dukeBarman
Binary Ninja loader for common Nintendo Switch file types https://github.com/EliseZeroTwo/Switch-Binja-Loader #binaryninja #reverse #dukeBarman
Apple's Security Research Device Program was officially launched https://developer.apple.com/programs/security-research-device/ #ios #macos #dukeBarman
Security Research Device - Apple Security Research
Get an iPhone dedicated to security research through the Apple Security Research Device program. Learn how to apply.
7 Days to Lift: A Mission in Microcode Extending the Hex-Rays Decompiler to Support Intel AVX Instructions https://blog.ret2.io/2020/07/22/ida-pro-avx-decompiler/ #reverse #IDA #dukeBarman
RET2 Systems Blog
7 Days to Lift: A Mission in Microcode
Recently I came across a special binary that was compiled to run on a fixed, well-defined set of modern computer hardware. This rather large binary performs ...
Parse YARA rules and operate over them more easily https://github.com/plyara/plyara #reverse #malware #dukeBarman
DJI Android GO 4 application security analysis https://www.synacktiv.com/en/publications/dji-android-go-4-application-security-analysis.html #android #reverse #dukeBarman
ARMv8.5-A Memory Tagging Extension (MTE) instructions support is now available in #radare2 https://github.com/radareorg/radare2/commit/1dbe43d #reverse #dukeBarman
GitHub
Fix #17135 - Support Memory Tagging Extension instructions ##anal (#1… · radareorg/radare2@1dbe43d
…7279)
Co-authored-by: phakeobj <phakeobj@users.noreply.github.com>
Updates on ThiefQuest, the Quickly-Evolving macOS Malware https://blog.trendmicro.com/trendlabs-security-intelligence/updates-on-thiefquest-the-quickly-evolving-macos-malware/ #malware #reverse #macos #dukeBarman
Trend Micro
Updates on Quickly-Evolving ThiefQuest macOS Malware
We discuss our discoveries on ThiefQuest, such as the differences between the old and new versions of the malware, and why we believe ThiefQuest is an example of highly capable malware that should be kept under close monitoring.
Piercing the Veil: Android Code Deobfuscation https://www.youtube.com/watch?v=lmHkfKXuN4A #reverse #android #obfuscation #dukeBarman
YouTube
Piercing the Veil: Android Code Deobfuscation - Caleb Fenton
Presented at Silicon Valley Cyber Security Meetup Talkin' Security Online Event on Thursday, May 7, 2020
Slides can be found at https://drive.google.com/file/d/1QUpMOm1-gzWYLVsmGJrcOHyea2e0X93z
Summary of the Talk: Android malware analysts often encounter…
Cutter v1.11 has just been released!
https://twitter.com/r2gui/status/1286684468602863616
Some of the highlights:
- Major improvements to the graph layout algorithm
- Latest version of radare2 with improved analysis and bug fixes
- New Graph widgets: Function Call-Graph, Global Call-Graph, Import Graph and more
- Support for saving and loading multiple UI layouts for customized user experience
- ...
Developers improved documentation, especially the documentation for new contributors >> https://cutter.re/docs/contributing
#reverse #radare2 #dukeBarman
X (formerly Twitter)
Cutter (@cutter_re) on X
Cutter v1.11 has just released with many surprises!
We significantly improved the graph layout, introduced Global and Function Call-Graphs, added support for saving and loading your own UI layouts, and much more.
Download and give it a try --> https:…
Code deobfuscation by program synthesis-aided simplification of Mixed Boolean-Arithmetic expressions https://github.com/arnaugamez/tfg Code: https://github.com/arnaugamez/r2syntia #reverse #dukeBarman
GitHub
GitHub - arnaugamez/tfg: A copy of my Mathematics and Computer Engineering B.Sc. thesis
Python scripts to help analyze Go binaries in radare2. Basically this is a port of the IDA Pro script golang_load_assist to r2. https://github.com/f0rki/r2-go-helpers #reverse #radare2 #dukeBarman
GitHub
GitHub - f0rki/r2-go-helpers: [UNMAINTAINED] python scripts to help analyze go binaries in radare2
Prometei botnet and its quest for Monero https://blog.talosintelligence.com/2020/07/prometei-botnet-and-its-quest-for-monero.html #reverse #malware #dukeBarman
Cisco Talos Blog
Prometei botnet and its quest for Monero
NEWS SUMMARY
* We are used to ransomware attacks and big-game hunting making the headlines, but there are still methods adversaries use to monetize their efforts in less intrusive ways.
* Cisco Talos recently discovered a cryptocurrency-mining botnet attack…
IDA: What’s new in 7.5sp2 https://www.hex-rays.com/products/ida/news/7_5sp2/ #reverse #IDA #dukeBarman
Python module for viewing Portable Executable (PE) files in a tree-view using pefile and PyQt5. Can also be used with IDA Pro to dump in-memory PE files and reconstruct imports. https://github.com/blackberry/pe_tree #reverse #windows #ida #dukeBarman
GitHub
GitHub - blackberry/pe_tree: Python module for viewing Portable Executable (PE) files in a tree-view using pefile and PyQt5. Can…
Python module for viewing Portable Executable (PE) files in a tree-view using pefile and PyQt5. Can also be used with IDA Pro and Rekall to dump in-memory PE files and reconstruct imports. - blackb...
Binary instrumentation framework based on FRIDA https://github.com/Ch0pin/medusa #reverse #frida #android #dukeBarman
GitHub
GitHub - Ch0pin/medusa: Mobile Edge-Dynamic Unified Security Analysis
Converts .tag file produced by tiny_tracer to Cutter annotation script https://github.com/Dump-GUY/tiny_tracer_tag_to_cutter #reverse #radare2 #dukeBarman
MMS Exploit Part 3: Constructing the Memory Corruption Primitives https://googleprojectzero.blogspot.com/2020/07/mms-exploit-part-3-constructing-primitives.html #reverse #android #exploitation #dukeBarman
Blogspot
MMS Exploit Part 3: Constructing the Memory Corruption Primitives
Posted by Mateusz Jurczyk, Project Zero This post is the third of a multi-part series capturing my journey from discovering a vulnerable...
Set of antianalysis techniques found in malware https://github.com/hasherezade/antianalysis_demos #reverse #malware #dukeBarman