#r2con2020 will be online & FREE! - 4 days in September (from 2020-09-02 to 2020-09-05)

Stream: https://www.youtube.com/channel/UCZo6gyBPj6Vgg8u2dfIhY4Q
r2wars: https://rada.re/con/2020/#r2wars
CTF: https://ctf.radare.org/welcome.html and https://rada.re/con/2020/#CTF
Schedule: https://rada.re/con/2020/assets/r2con2020schedule.pdf

Chiptune party: https://rada.re/con/2020/#Chiptune

#reverse #videos #conference #r2con #ctf #dukeBarman

How efiXplorer helping to solve challenges in reverse engineering of UEFI firmware | Alex Matrosov https://www.youtube.com/watch?v=FFGQJBmRkLw #videos #uefi #reverse #ida #dukeBarman

Analysis of Themida v3 x32 Advanced API Wrapping

https://github.com/quosego/analysis.oreans/tree/master/Documentations/Version%203/Themida/x32/3.0.8.0/Advanced%20API-Wrapping

#reverse #themida #darw1n

Angr integration with Cutter's debugger https://github.com/yossizap/angrcutter #reverse #radare2 #smt #dukeBarman

#r2con2020 is online & FREE - https://www.youtube.com/watch?v=sgNDYgLyAP4
Schedule: https://rada.re/con/2020/assets/r2con2020schedule.pdf

#reverse #conference #videos #r2con #dukeBarman

This three-part series highlights the technical challenges involved in finding and exploiting JavaScript engine vulnerabilities in modern web browsers and evaluates current exploit mitigation technologies. The exploited vulnerability, CVE-2020-9802, was fixed in iOS 13.5, while two of the mitigation bypasses, CVE-2020-9870 and CVE-2020-9910, were fixed in iOS 13.6.

JITSploitation I: A JIT Bug
https://googleprojectzero.blogspot.com/2020/09/jitsploitation-one.html

JITSploitation II: Getting Read/Write
https://googleprojectzero.blogspot.com/2020/09/jitsploitation-two.html

JITSploitation III: Subverting Control Flow
https://googleprojectzero.blogspot.com/2020/09/jitsploitation-three.html

#mobile #ios #javascript #browser #jit #webkit #expdev #cve #reverse #darw1n

VMX intrinsics plugin for Hex-Rays decompiler. The plugin allow to display unhandled VMX instructions into their respective intrinsic form when using the decompiler. Might be useful for those who enjoy reversing hypervisors.

https://github.com/synacktiv/vmx_intrinsics

#reverse #ida #plugin #hypervisor #vmx #darw1n

Overview of free online malware analysis sandboxes

Image version:
https://www.untrustednetwork.net/images/misc/free-malware-analysis-sandboxes-overview-current.png

Text version:
https://www.untrustednetwork.net/en/sandboxes/

#malware #analysis #sandboxes #darw1n

VolgaCTF 2020 is an international inter-university cybersecurity competition with a local conference taking place in Samara, Russia on September 14-18.

If you have the opportunity, we recommend visiting it!

Use angr from Ghidra! One-click symbolic execution with AngryGhidraPlugin https://github.com/Nalen98/AngryGhidra #reverse #ghidra #dukeBarman

#r2con2020 DAY2 is online - https://www.youtube.com/watch?v=sgNDYgLyAP4
Schedule: https://rada.re/con/2020/assets/r2con2020schedule.pdf

#reverse #conference #videos #r2con2020 #dukeBarman

A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints https://github.com/hasherezade/asm_cleaner #exploitation #reverse #dukeBarman

Cutter 1.12.0 release with major decompiler widget changes https://github.com/radareorg/cutter/releases/tag/v1.12.0

#reverse #radare2 #jeisonwi

IDA Pro Tips to Add to Your Bag of Tricks

https://swarm.ptsecurity.com/ida-pro-tips/

#revese #ida #tips #darw1n

Dealing with Manipulated ELF Binary and Manually Resolving Import Functions

https://forum.reverse4you.org/t/dealing-with-manipulated-elf-binary-and-manually-resolving-import-functions/11842

#reverse #linux #import #reconstruct #elf #antidebug #crackme #writeup #darw1n

Python 3 bridge to Ghidra's Python scripting https://github.com/justfoxing/ghidra_bridge #reverse #ghidra #dukeBarman

Dive Deeper -- Analyze real mode binaries like a Pro with Qiling Framework

https://blog.lazym.io/2020/09/05/Dive-deeper-Analyze-real-mode-binaries-like-a-Pro-with-Qiling-Framework/

#reverse #emulation #mbr #dos #qiling #framework #ldviolet

DRAKVUF is a virtualization based agentless black-box binary analysis system

https://github.com/tklengyel/drakvuf

#reverse #hypervisor #tracer #h0t_max

Red Teaming/Adversary Simulation Toolkit is a collection of open source and commercial tools that aid in red team operations. This repository will help you during red team engagement.

https://github.com/infosecn1nja/Red-Teaming-Toolkit

#reverse #redteam #tools #darw1n

VivienneVMM is a stealthy debugging framework implemented via an Intel VT-x hypervisor. The VMM driver implements multiple breakpoint control managers which allow a user mode client to set, clear, and inspect the logs of VMM-backed breakpoints. These breakpoints are invisible to the guest.

https://github.com/changeofpace/VivienneVMM

#reverse #hypervisor #debugger #darw1n

Using Qiling to resolve obfuscated import on windows https://gist.github.com/y0ug/b83fcf121f80d419c8d5eb342ca31a59 #reverse #ida #malware #dukeBarman