IDA-minsc is a plugin for IDA Pro that simplifies IDAPython https://github.com/arizvisa/ida-minsc #reverse #IDA #dukeBarman
A plugin based on IDAPython for a functional DWIM interface. Current development against the most recent IDA is in the "persistence-refactor" branch; ancient (but stable) work is in …
Database of private SSL/SSH keys for embedded devices https://github.com/devttys0/littleblackbox #reverse #hardware #dukeBarman
FIN7: Lizar toolkit architecture
https://bi-zone.medium.com/from-pentest-to-apt-attack-cybercriminal-group-fin7-disguises-its-malware-as-an-ethical-hackers-c23c9a75e319
#malware #analysis #darw1n
The article was prepared by BI.ZONE Cyber Threats Research Team
Experiment to attempt to build Apple's dyld tools. https://github.com/oleavr/dyld-tools #iOS #macOS #reverse #dukeBarman
A Universal MCU Firmware Emulator for Dynamic Analysis without Any Hardware Dependence https://github.com/MCUSec/uEmu #reverse #hardware #dukeBarman
🎉 Today marks IDA's 30 years around the sun! Join us in celebrating this birthday, and expect many more to come: https://hex-rays.com/blog/ida-celebrating-30-years-of-binary-analysis-innovation/
#idapro #30thanniversary #reverse #ida #KosBeg
VMProtect 2 - Detailed Analysis of the Virtual Machine Architecture
https://back.engineering/17/05/2021/
#reverse #vm #debug #vmprotect #antidebug #analysis #KosBeg
iOS 14.5 WebKit/Safari based Jailbreak Made by RPwnage & the Manticore team
https://github.com/RPwnage/pwn-my
#reverse #expdev #ios #mobile #jailbreak #heckysome
How we bypassed bytenode and decompiled Node.js bytecode in Ghidra
https://swarm.ptsecurity.com/how-we-bypassed-bytenode-and-decompiled-node-js-bytecode-in-ghidra/
#reverse #ghidra #nodejs #decompiler #plugin #darw1n
"I build robots for fun." (Rick Sanchez) It's common knowledge that in 2019 the NSA decided to open source its reverse engineering framework known as Ghidra. Due to its versatility, it quickly became popular among security researchers. This article is one of…
Decompiling Node.js in Ghidra
https://swarm.ptsecurity.com/decompiling-node-js-in-ghidra/
#reverse #ghidra #nodejs #decompiler #plugin #heckysome
Have you ever wanted to find out how a program you often use, a game you play a lot, or the firmware of some real-time device actually works? If so, what you need is a disassembler. Better still, a decompiler. While things are pretty clear with x86–x64, Java…
M1RACLES: An Apple M1 Vulnerability is a covert channel vulnerability in the Apple Silicon "M1" chip (it isn't a real vuln). https://m1racles.com/ #exploitation #macOS #hardware #fun
M1RACLES (CVE-2021-30747) is a covert channel vulnerability in the Apple Silicon "M1" chip.
Creating a Ghidra processor module in SLEIGH using V8 bytecode as an example
https://swarm.ptsecurity.com/creating-a-ghidra-processor-module-in-sleigh-using-v8-bytecode-as-an-example/
#reverse #ghidra #decompiler #nodejs #v8 #plugin #darw1n
Last year our team had to analyze V8 bytecode. Back then, there were no tools in place to decompile such code and facilitate convenient navigation over it. We decided to try writing a processor module for the Ghidra framework. Thanks to the features of the…
Guide to P-code Injection: Changing the intermediate representation of code on the fly in Ghidra
https://swarm.ptsecurity.com/guide-to-p-code-injection/
#reverse #ghidra #decompiler #pcode #nodejs #v8 #plugin #darw1n
When we were developing the ghidra nodejs module for Ghidra, we realized that it was not always possible to correctly implement V8 (the JavaScript engine used by Node.js) opcodes in SLEIGH. In such runtime environments as V8 and the JVM, a single opcode might…