Use angr from Ghidra! One-click symbolic execution with AngryGhidraPlugin https://github.com/Nalen98/AngryGhidra #reverse #ghidra #dukeBarman
#r2con2020 DAY2 is online - https://www.youtube.com/watch?v=sgNDYgLyAP4
Schedule: https://rada.re/con/2020/assets/r2con2020schedule.pdf
#reverse #conference #videos #r2con2020 #dukeBarman
YouTube
r2con2020 DAY1 Live Stream
SLIDES https://github.com/radareorg/r2con2020/tree/master/day1
TALK INDEX
0:00 r2con2020 day 1
20:35 Opening r2con2020 keynote by Pancake
35:48 r2wars for n00bs by @CaptnBanana
59:00 r2wars training round 1
1:51:40 Mobile reverse engineering with r2frida…
A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints https://github.com/hasherezade/asm_cleaner #exploitation #reverse #dukeBarman
Cutter 1.12.0 release with major decompiler widget changes https://github.com/radareorg/cutter/releases/tag/v1.12.0
#reverse #radare2 #jeisonwi
IDA Pro Tips to Add to Your Bag of Tricks
https://swarm.ptsecurity.com/ida-pro-tips/
#reverse #ida #tips #darw1n
PT SWARM
IDA Pro Tips to Add to Your Bag of Tricks
This article is a selection of tips for IDA Pro
Dealing with Manipulated ELF Binary and Manually Resolving Import Functions
https://forum.reverse4you.org/t/dealing-with-manipulated-elf-binary-and-manually-resolving-import-functions/11842
#reverse #linux #import #reconstruct #elf #antidebug #crackme #writeup #darw1n
R0 CREW
Dealing with Manipulated ELF Binary and Manually Resolving Import Functions
Source: github.com/jeffli678 This is a writeup about solving the BinaryNewbie's Tr1cky Cr4ckm3. It is created by user BinaryNewbie, who is NOT a newbie for binary reversing. It can be downloaded at: Crackmes 5e727daa33c5d4439bb2decd.zip (6.0 KB) We…
Python 3 bridge to Ghidra's Python scripting https://github.com/justfoxing/ghidra_bridge #reverse #ghidra #dukeBarman
Dive Deeper -- Analyze real mode binaries like a Pro with Qiling Framework
https://blog.lazym.io/2020/09/05/Dive-deeper-Analyze-real-mode-binaries-like-a-Pro-with-Qiling-Framework/
#reverse #emulation #mbr #dos #qiling #framework #ldviolet
Lazymio's Blog
Dive Deeper -- Analyze real mode binaries like a Pro with Qiling Framework
Introduction: Analyzing a real mode binary like DOS executables or MBR code is never an easy task. The best approach we have is to utilize Bochs, QEMU or Dosbox to emulate such binaries with some debugg
DRAKVUF is a virtualization based agentless black-box binary analysis system
https://github.com/tklengyel/drakvuf
#reverse #hypervisor #tracer #h0t_max
Red Teaming/Adversary Simulation Toolkit is a collection of open source and commercial tools that aid in red team operations. This repository will help you during red team engagement.
https://github.com/infosecn1nja/Red-Teaming-Toolkit
#reverse #redteam #tools #darw1n
GitHub
GitHub - infosecn1nja/Red-Teaming-Toolkit: This repository contains cutting-edge open-source security tools (OST) for a red teamer…
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter. - infosecn1nja/Red-Teaming-Toolkit
VivienneVMM is a stealthy debugging framework implemented via an Intel VT-x hypervisor. The VMM driver implements multiple breakpoint control managers which allow a user mode client to set, clear, and inspect the logs of VMM-backed breakpoints. These breakpoints are invisible to the guest.
https://github.com/changeofpace/VivienneVMM
#reverse #hypervisor #debugger #darw1n
Using Qiling to resolve obfuscated import on windows https://gist.github.com/y0ug/b83fcf121f80d419c8d5eb342ca31a59 #reverse #ida #malware #dukeBarman
Gist
Using Qiling to resolve obfuscated import on windows
Using Qiling to resolve obfuscated import on windows - _IAT_qiling.py
Ghidra for Linux on Arm (64-bit) https://assets.checkra.in/labo/ghidra/ #reverse #ghidra #arm #dukeBarman
Automated dynamic import resolving using binary emulation (and integrating Qiling to Ghidra with https://github.com/justfoxing/ghidra_bridge project) https://lopqto.me/posts/automated-dynamic-import-resolving #reverse #ghidra #dukeBarman
Attacking the Qualcomm Adreno GPU https://googleprojectzero.blogspot.com/2020/09/attacking-qualcomm-adreno-gpu.html #exploitation #dukeBarman
Blogspot
Attacking the Qualcomm Adreno GPU
Posted by Ben Hawkes, Project Zero When writing an Android exploit, breaking out of the application sandbox is often a key step. There are a...
FuzzCon Europe 2020 - Fuzz Your Software https://www.youtube.com/playlist?list=PLI0R_0_8-TV4JArtdlgnuPtgXALZxAYqu #videos #conference #fuzzing #fuzzcon #dukeBarman
YouTube
FuzzCon Europe 2020 - Fuzz Your Software
This playlist includes all talks from FuzzConEurope 2020. For access to the slides, visit: https://www.fuzzcon.eu/sign-up-recording
Lucid is a new and interactive IDA plugin that makes it effortless to study the Hex-Rays microcode as it flows through the decompilation pipeline:
BLOG: https://blog.ret2.io/2020/09/11/lucid-hexrays-microcode-explorer/
CODE: https://github.com/gaasedelen/lucid
#reverse #uefi #ida #KosBeg
RET2 Systems Blog
Lucid: An Interactive Hex-Rays Microcode Explorer
Recently, we blogged about the Hex-Rays microcode that powers the IDA Pro decompiler. We showed how a few days spent hacking on the microcode API could drama...
Reverse-engineering the first FPGA chip, the XC2064 http://www.righto.com/2020/09/reverse-engineering-first-fpga-chip.html #reverse #hardware #dukeBarman
Righto
Reverse-engineering the first FPGA chip, the XC2064
A Field-Programmable Gate Array (FPGA) can implement arbitrary digital logic, anything from a microprocessor to a video generator or crypt...
ARM64 Reversing and Exploitation Part 1 - ARM Instruction Set + Simple Heap Overflow http://highaltitudehacks.com/2020/09/05/arm64-reversing-and-exploitation-part-1-arm-instruction-set-heap-overflow/
ARM64 Reversing and Exploitation Part 2 - Use After Free http://highaltitudehacks.com/2020/09/06/arm64-reversing-and-exploitation-part-2-use-after-free/
ARM64 Reversing and Exploitation Part 3 - A Simple ROP Chain http://highaltitudehacks.com/2020/09/06/arm64-reversing-and-exploitation-part-3-a-simple-rop-chain/
#reverse #arm #exploitation #dukeBarman
Prateekg147
ARM64 Reversing and Exploitation Part 1 - ARM Instruction Set + Simple Heap Overflow
Hi Everyone ! In this blog series, we will be understanding the ARM instruction set and using that to reverse ARM Binaries followed by writing exploits for them. So let's start with the basics of ARM64.
A Binary Ninja plugin for vulnerability research https://github.com/Martyx00/VulnFanatic/ #reverse #binaryninja #dukeBarman