Reverse-engineering the first FPGA chip, the XC2064 http://www.righto.com/2020/09/reverse-engineering-first-fpga-chip.html #reverse #hardware #dukeBarman
A Field-Programmable Gate Array (FPGA) can implement arbitrary digital logic, anything from a microprocessor to a video generator or crypt...
ARM64 Reversing and Exploitation Part 1 - ARM Instruction Set + Simple Heap Overflow http://highaltitudehacks.com/2020/09/05/arm64-reversing-and-exploitation-part-1-arm-instruction-set-heap-overflow/
ARM64 Reversing and Exploitation Part 2 - Use After Free http://highaltitudehacks.com/2020/09/06/arm64-reversing-and-exploitation-part-2-use-after-free/
ARM64 Reversing and Exploitation Part 3 - A Simple ROP Chain http://highaltitudehacks.com/2020/09/06/arm64-reversing-and-exploitation-part-3-a-simple-rop-chain/
#reverse #arm #exploitation #dukeBarman
Hi Everyone! In this blog series, we will be understanding the ARM instruction set and using that to reverse ARM Binaries followed by writing exploits for them. So let's start with the basics of ARM64.
A Binary Ninja plugin for vulnerability research https://github.com/Martyx00/VulnFanatic/ #reverse #binaryninja #dukeBarman
GammaRay is a tool to poke around in a Qt-application and also to manipulate the application to some extent.
https://github.com/KDAB/GammaRay
#reverse #tools #inspect #qt #darw1n
Espressif ESP32: Bypassing Encrypted Secure Boot (CVE-2020-13629) https://raelize.com/posts/espressif-esp32-bypassing-encrypted-secure-boot-cve-2020-13629/ #exploitation #hardware #dukeBarman
efiXplorer v2.0 [Hex-Rays Contest Edition] https://github.com/binarly-io/efiXplorer/releases/tag/v2.0 #ida #hardware #uefi #dukeBarman
[new feature] UEFI image loader (loading the whole image to IDA Pro)
Support of analyzing 32-bit images
Support of analyzing SMM images
[new feature] PEI images analyzer
Multiple improvements and f...
Time Travel Debugging - JavaScript Automation https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/time-travel-debugging-javascript-automation #reverse #debugger #windbg #dukeBarman
This section describes how to use JavaScript automation to work with TTD traces.
An emulator powered by Qiling to deobfuscate/decrypt VAC3 modules https://github.com/ioncodes/vacation3-emu #reverse #dukeBarman
Step-through debugging with no debugger on Cortex-M https://interrupt.memfault.com/blog/cortex-m-debug-monitor #hardware #debugger #dukeBarman
An exploration of how to debug running devices by taking advantage of debug monitor mode on ARM Cortex-M MCUs
APIMiner - The API Logger for Malwares - The Fast Way To Identifying Malwares http://www.malware-analysis-and-detection-engineering.com/2020/09/apiminer-api-logger-for-malwares-fast.html #reverse #malware #dukeBarman
Direct Download Link for Latest Release of APIMiner: https://github.com/poona/APIMiner/releases/download/1.0.0/release-v1.0.0.zip One of...
Giving Hackers a Headache with Exploit Mitigations - Maria Markstedter, Azeria Labs
Video: https://www.youtube.com/watch?v=riQ-WyYrxh4
Slides: https://azeria-labs.com/downloads/Keynote_ArmResearchSummit2020_Azeria.pdf
#reverse #hardware #exploitation #dukeBarman
Speakeasy is a portable, modular, binary emulator designed to emulate Windows kernel and user mode malware
Code: https://github.com/fireeye/speakeasy
Article: https://www.fireeye.com/blog/threat-research/2020/08/emulation-of-malicious-shellcode-with-speakeasy.html
#reverse #malware #dukeBarman
IDA AArch64 processor extender extension: Adding support for ARMv8.5 memory tagging extension opcodes https://github.com/Antid0teCom/aarch64_mte #ida #reverse #ios #arm #dukeBarman
Binary Ninja developers open sourced two of their core architectures: armv7 and aarch64
Code: https://github.com/Vector35/arch-armv7 and https://github.com/Vector35/arch-arm64
Article: https://binary.ninja/2020/10/07/open-source-architectures.html
#reverse #arm #binaryninja #dukeBarman
python-idb 0.7.1 now supports IDA Pro 5.x-7.5 database versions and has better API support; no IDA Pro itself is required https://pypi.org/project/python-idb/
#reverse #ida #jeisonwi
KaitaiStruct, a cross-language binary format parser API generator, released a new major version 0.9! C++11 support, data validations, little-endian integers, 3 new targets, ... http://kaitai.io/news/2020/10/16/kaitai-struct-v0.9-released.html #reverse #dukeBarman
Kaitai Struct is a formal language for binary format specification that can be compiled into parser code
ESILSolve - A python symbolic execution framework using r2 and ESIL https://github.com/aemmitt-ns/esilsolve (now supports symbolic execution of PCODE) #reverse #radare2 #ghidra #dukeBarman
Introducing MIDNIGHTTRAIN - A Covert Stage-3 Persistence Framework weaponizing UEFI variables https://slaeryan.github.io/posts/midnighttrain.html #reverse #uefi #dukeBarman