Today marks IDA's 30 years around the sun! Join us in celebrating this birthday, and expect many more to come: https://hex-rays.com/blog/ida-celebrating-30-years-of-binary-analysis-innovation/
#idapro #30thanniversary #reverse #ida #KosBeg
VMProtect 2 - Detailed Analysis of the Virtual Machine Architecture
https://back.engineering/17/05/2021/
#reverse #vm #debug #vmprotect #antidebug #analysis #KosBeg
iOS 14.5 WebKit/Safari based Jailbreak Made by RPwnage & the Manticore team
https://github.com/RPwnage/pwn-my
#reverse #expdev #ios #mobile #jailbreak #heckysome
How we bypassed bytenode and decompiled Node.js bytecode in Ghidra
https://swarm.ptsecurity.com/how-we-bypassed-bytenode-and-decompiled-node-js-bytecode-in-ghidra/
#reverse #ghidra #nodejs #decompiler #plugin #darw1n
PT SWARM
I build robots for fun. Rick Sanchez It's common knowledge that in 2019 the NSA decided to open source its reverse engineering framework known as Ghidra. Due to its versatility, it quickly became popular among security researchers. This article is one of…
Decompiling Node.js in Ghidra
https://swarm.ptsecurity.com/decompiling-node-js-in-ghidra/
#reverse #ghidra #nodejs #decompiler #plugin #heckysome
PT SWARM
Have you ever wanted to find out how a program you often use, a game you play a lot, or the firmware of some realtime device actually works? If so, what you need is a disassembler. Better still, a decompiler. While things are pretty clear with x86-x64, Java…
M1RACLES: An Apple M1 Vulnerability is a covert channel vulnerability in the Apple Silicon "M1" chip (it isn't a real vuln). https://m1racles.com/ #exploitation #macOS #hardware #fun
M1Racles
M1RACLES: An Apple M1 Vulnerability
M1RACLES (CVE-2021-30747) is a covert channel vulnerability in the Apple Silicon "M1" chip.
Creating a Ghidra processor module in SLEIGH using V8 bytecode as an example
https://swarm.ptsecurity.com/creating-a-ghidra-processor-module-in-sleigh-using-v8-bytecode-as-an-example/
#reverse #ghidra #decompiler #nodejs #v8 #plugin #darw1n
PT SWARM
Last year our team had to analyze V8 bytecode. Back then, there were no tools in place to decompile such code and facilitate convenient navigation over it. We decided to try writing a processor module for the Ghidra framework. Thanks to the features of the…
Guide to P-code Injection: Changing the intermediate representation of code on the fly in Ghidra
https://swarm.ptsecurity.com/guide-to-p-code-injection/
#reverse #ghidra #decompiler #pcode #nodejs #v8 #plugin #darw1n
PT SWARM
When we were developing the ghidra nodejs module for Ghidra, we realized that it was not always possible to correctly implement V8 (JavaScript engine that is used by Node.js) opcodes in SLEIGH. In such runtime environments as V8 and JVM, a single opcode might…
tiny_tracer 1.6.1 was released. It's a Pin Tool for tracing API calls, etc. https://github.com/hasherezade/tiny_tracer/releases/tag/1.6.1 #reverse #dukeBarman
GitHub
Release 1.6.1 · hasherezade/tiny_tracer
README.md
REFACT
Refactored to build with the latest Pin: 3.19
Requires Intel Pin 3.19 or above.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to com...
Ghidra 10.0 is out! There is debugger support now which is great, that will definitely bridge a usability gap.
https://github.com/NationalSecurityAgency/ghidra/releases/tag/Ghidra_10.0_build
#reverse #ghidra #debugger #darw1n
GitHub
Release Ghidra 10.0 · NationalSecurityAgency/ghidra
WARNING: Contains log4j vulnerability
What's New
Change History
SHA-256: aaf84d14fb059beda10de9056e013186601962b6f87cd31161aaac57698a0f11
Cutter 2.0 - Introduction of new features (Reverse Debugging...) https://www.youtube.com/watch?v=wXfbnzcYIlU #reverse #rizin #Cutter #dukeBarman
YouTube
Cutter 2.0 - Introduction of new features (Reverse Debugging...)
This video is about new Release of awesome tool Cutter (2.0), which is a free and open-source reverse engineering platform powered by rizin.
It is a first release of Cutter that is using Rizin as its core backend.
Example features covered in this video:…
Windows Exploit Suggester was updated to Python 3 https://github.com/a1ext/Windows-Exploit-Suggester #security #windows #dukeBarman
GitHub
GitHub - a1ext/Windows-Exploit-Suggester: This tool compares a targets patch levels against the Microsoft vulnerability database…
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public expl...
Ghidra Scripts/Plugins/Extension
https://github.com/AllsafeCyberSecurity/awesome-ghidra
#reverse #ghidra #plugin #extension #script #darw1n
GitHub
GitHub - AllsafeCyberSecurity/awesome-ghidra: A curated list of awesome Ghidra materials
A curated list of awesome Ghidra materials. Contribute to AllsafeCyberSecurity/awesome-ghidra development by creating an account on GitHub.
The new OpenSecurityTraining2 site has been launched at http://ost2.fyi. The public betas of refreshed classes on x86-64 assembly, x86-64 OS internals and coreboot are now open. #security #hardware #reverse #dukeBarman
We don't know what happened. But it looks like the Chinese friends are celebrating some kind of holiday again. Maybe some of them have a birthday today?
https://twitter.com/R0_CREW/status/1422084760713715714
RT plz
Twitter
R0 CREW
[LEAKED] IDA Pro 7.6 SP1 + HexRays (x86/x64/ARM/ARM64/MIPS) Some guy "gogogo" came to our telegram (t.me/r0_chat) chat and leaked IDA Pro 7.6 SP1. forum.reverse4you.org/t/leaked-ida-p… #idapro #ida #leaked #decompilers
YauzaCTF 2021 is a task-based competition that will take place online on August 27-29 at 12:00 (UTC+0).
It will give the participants the atmosphere of the Soviet past.
For 48 hours, participants will be able to solve tasks of all categories:
- web, reverse, pwn, forensics, crypto, OSINT, joy.
Also new categories have been added:
- hardware, pentest and emulation!
The organizers and sponsors of the event have prepared many interesting prizes. More details on the event website.
ABOUT EVENT:
- Event website: https://yauzactf.com/en
- CTFtime page: https://ctftime.org/event/1417/
- Competition type: task-based competition
- Start: on August 27 at 12:00 (UTC+0)
- Duration: 48 hours
- Number of people in the team: maximum 7 people
- Qualification: students from CIS schools or universities (graduating not earlier than 2021) and those who were born not earlier than 1995
CONTACTS
- For any questions talk to @drakylar
#ctf #YauzaCTF
Introducing Lumen Server Protocol
https://abda.nl/posts/introducing-lumen/
A private Lumina server for IDA Pro
https://github.com/naim94a/lumen
Investigating IDA Lumina Feature
https://www.synacktiv.com/en/publications/investigating-ida-lumina-feature.html
Local server for IDA Lumina feature
https://github.com/synacktiv/lumina_server
#reverse #tools #lumina #server #protocol #rpc #poc #darw1n
abda.nl
Introducing Lumen
Lumen - A private Lumina server for IDA Pro