The Art of Large Scale Cumulative Binary Diffing
Article: http://www.debasish.in/2018/03/the-art-of-large-scale-cumulative.html
Code: https://github.com/debasishm89/MassDiffer
#reverse #ida #dukeBarman
www.debasish.in
The Art of Large Scale Cumulative Binary Diffing
Debasish Mandal's Personal Blog about Information Security Research, Exploit Development, Vulnerability Research, Python and some random ideas!
GReAT Ideas. Powered by SAS: threat hunting and new techniques https://www.youtube.com/watch?v=xeTYLRCwnFo #video #malware #dukeBarman
YouTube
GReAT Ideas. Powered by SAS: threat hunting and new techniques
On July 22 Kaspersky's Global Research and Analysis Team (GReAT) held its second talk of ‘GReAT Ideas. Powered by SAS’ series.
Watch the recording of the session if you missed it live.
‘GReAT Ideas’ is a series of events meant to empower you with information…
The core of Apple is PPL (Apple's Page Protection Layer): Breaking the XNU kernel's kernel https://googleprojectzero.blogspot.com/2020/07/the-core-of-apple-is-ppl-breaking-xnu.html #exploitation #macos #ios #dukeBarman
Blogspot
The core of Apple is PPL: Breaking the XNU kernel's kernel
Posted by Brandon Azad, Project Zero. While doing research for the one-byte exploit technique, I considered several ways it might be poss...
WasmBoxC: Simple, Easy, and Fast VM-less Sandboxing https://kripken.github.io/blog/wasm/2020/07/27/wasmboxc.html #exploitation #dukeBarman
kripken.github.io
WasmBoxC: Simple, Easy, and Fast VM-less Sandboxing
The software ecosystem has a lot of useful but unsafe code, and the easier it is to sandbox that code, the more often that’ll happen. If it were as simple as ...
A gentle introduction into ARM assembly https://www.shadowinfosec.io/2018/05/a-gentle-introduction-into-arm-assembly.html #reverse #dukeBarman
Reverse Engineering Starling Bank (Part I): Obfuscation Techniques https://hot3eed.github.io/2020/07/30/starling_p1_obfuscations.html
Reverse Engineering Starling Bank (Part II): Jailbreak & Debugger Detection, Weaknesses & Mitigations https://hot3eed.github.io/2020/08/02/starling_p2_detections_mitigations.html
#reverse #ios #frida
hot3eed.github.io
Reverse Engineering Starling Bank (Part I): Obfuscation Techniques
Reverse Engineering Starling Bank (Part I): Obfuscation Techniques 2020-07-30
Article: Removing Kernel Callbacks Using Signed Drivers
https://br-sn.github.io/Removing-Kernel-Callbacks-Using-Signed-Drivers/
Code: Enumerating and removing kernel callbacks using signed vulnerable drivers
https://github.com/br-sn/CheekyBlinder
#reverse #expdev #malware #darw1n
GitHub
GitHub - br-sn/CheekyBlinder: Enumerating and removing kernel callbacks using signed vulnerable drivers
Enumerating and removing kernel callbacks using signed vulnerable drivers - br-sn/CheekyBlinder
CVE-2020–9854: "Unauthd" (three) logic bugs ftw! https://objective-see.com/blog/blog_0x4D.html #macos #exploit #dukeBarman
objective-see.org
CVE-2020–9854: "Unauthd"
(three) logic bugs ftw!
Reverse-engineering and analysis of SanDisk High Endurance microSDXC card https://ripitapart.com/2020/07/16/reverse-engineering-and-analysis-of-sandisk-high-endurance-microsdxc-card/ #reverse #hardware
Rip It Apart - Jason's electronics blog-thingy
Reverse-engineering and analysis of SanDisk High Endurance microSDXC card
As seen on Hackaday! TL;DR – The SanDisk High Endurance cards use SanDisk/Toshiba 3D TLC Flash. It took way, way more work than it should have to figure this out (thanks for nothing, SanDisk!…
Exploiting Android Messengers with WebRTC: Part 1 https://googleprojectzero.blogspot.com/2020/08/exploiting-android-messengers-part-1.html #android #exploit #dukeBarman
Blogspot
Exploiting Android Messengers with WebRTC: Part 1
Posted by Natalie Silvanovich, Project Zero This is a three-part series on exploiting messenger applications using vulnerabilities in We...
Set of IDA Pro scripts for parsing GoLang types information stored in compiled binary https://github.com/sibears/IDAGolangHelper #ida #reverse #dukeBarman
GitHub
GitHub - sibears/IDAGolangHelper: Set of IDA Pro scripts for parsing GoLang types information stored in compiled binary
Set of IDA Pro scripts for parsing GoLang types information stored in compiled binary - sibears/IDAGolangHelper
MMS Exploit Part 4: MMS Primer, Completing the ASLR Oracle https://googleprojectzero.blogspot.com/2020/08/mms-exploit-part-4-completing-aslr-oracle.html #exploit #android #dukeBarman
Blogspot
MMS Exploit Part 4: MMS Primer, Completing the ASLR Oracle
Posted by Mateusz Jurczyk, Project Zero This post is the fourth of a multi-part series capturing my journey from discovering a vulnerabl...
Why are Frida and QBDI a Great Blend on Android? https://blog.quarkslab.com/why-are-frida-and-qbdi-a-great-blend-on-android.html #android #frida #dukeBarman
Quarkslab
Why are Frida and QBDI a Great Blend on Android? - Quarkslab's blog
This blog post dives into how to get a better understanding of an Android native function by taking full advantage of both Frida and QBDI.
Announcing the Seventh Annual Flare-On Challenge https://www.fireeye.com/blog/threat-research/2020/08/announcing-the-seventh-annual-flare-on-challenge.html #reverse #CTF #dukeBarman
Google Cloud Blog
7th Annual Flare-On Challenge | Reverse Engineering Challenge | Google Cloud Blog
The Front Line Applied Research & Expertise (FLARE) team is honored to announce that the popular Flare-On challenge will return for a seventh year.
SVE-2019-15230: A bug collision https://allsoftwaresucks.blogspot.com/2020/08/sve-2019-15230-bug-collision.html #android #dukeBarman
Blogspot
SVE-2019-15230: A bug collision
Researchers from Team T5 recently published their write-up on exploiting a bug in S-Boot and obtaining code execution in the Samsung Secure ...
Exploiting Android Messengers with WebRTC: Part 2 https://googleprojectzero.blogspot.com/2020/08/exploiting-android-messengers-part-2.html #exploit #android #dukeBarman
Blogspot
Exploiting Android Messengers with WebRTC: Part 2
Posted by Natalie Silvanovich, Project Zero This is a three-part series on exploiting messenger applications using vulnerabilities in WebR...
Attack Secure Boot of SEP https://github.com/windknown/presentations/raw/master/Attack_Secure_Boot_of_SEP.pdf #exploitation #iOS #dukeBarman
Fuzzing the Windows API for AV Evasion
https://winternl.com/fuzzing-the-windows-api-for-av-evasion/
#reverse #malware #fuzzing #win #Thatskriptkid
winternl
Fuzzing the Windows API for AV Evasion
Malware Detection Systems (MDSs) use a technique called emulation as perhaps their most effective weapon against novel malware threats. Emulation does not rely on the static structure or signature of…
https://arstechnica.com/information-technology/2020/08/snapdragon-chip-flaws-put-1-billion-android-phones-at-risk-of-data-theft/ #Gyokuyou
Ars Technica
Snapdragon chip flaws put >1 billion Android phones at risk of data theft
There’s no word on when Google and phone makers will incorporate fix from Qualcomm.