IDA Pro 8.0 released!
* Golang 1.18
* iOS 16 dyld shared cache support
* ARC decompiler
* Better firmware analysis
* FLAIR pattern generator (makepat)
https://hex-rays.com/products/ida/news/8_0/
UserComment is an IDA plugin that displays user-added comments in the disassembly and pseudocode views. It provides a comment window listing comments from both assembly code and pseudocode and supports several comment types.
https://forum.reverse4you.org/t/usercomment-an-ida-plugin-to-show-user-added-comments/19747
#reverse #idapro #plugin
CASR: collect crash (or UndefinedBehaviorSanitizer error) reports, triage them, and estimate severity. It is based on ideas from exploitable and apport.
https://github.com/ispras/casr
Dota 2 Under Attack: How a V8 Bug Was Exploited in the Game
https://decoded.avast.io/janvojtesek/dota-2-under-attack-how-a-v8-bug-was-exploited-in-the-game/
#gamehack #expdev #reverse #v8 #exploit
Awesome HyperDbg: A list of awesome resources about HyperDbg.
https://github.com/HyperDbg/awesome
#reverse #tools #hyperdbg
Dissecting and Exploiting TCP/IP RCE Vulnerability "EvilESP"
See how one IBM X-Force researcher reverse engineered the patch for CVE-2022-34718, and unpack the affected protocols, how the bug was identified, and how it was reproduced.
https://securityintelligence.com/x-force/dissecting-exploiting-tcp-ip-rce-vulnerability-evilesp/
#expdev #windows #1day
Debugging Windows Isolated User Mode (IUM) Processes
This blog post discusses how to debug Windows' Isolated User Mode (IUM) processes, also known as Trustlets, using the virtual TPM of Microsoft Hyper-V as the target.
https://blog.quarkslab.com/debugging-windows-isolated-user-mode-ium-processes.html
#reverse #windows #trustlets
Analysis of CVE-2023-29336 Win32k Privilege Escalation Vulnerability (with POC)
https://www.numencyber.com/cve-2023-29336-win32k-analysis/
#expdev #reverse #windows #poc
Smart Contract Security: The Ultimate Guide
This article serves as a mini course on smart contract security and provides an extensive list of the issues and vulnerabilities that tend to recur in Solidity smart contracts.
https://www.rareskills.io/post/smart-contract-security
#crypto #security
Rusty Bootkit - Windows UEFI Bootkit in Rust (Codename: RedLotus)
https://github.com/memN0ps/bootkit-rs
#redteam #malware #bootkit #windows #rust
Living Off The Land Drivers is a curated list of Windows drivers used by adversaries to bypass security controls and carry out attacks. The project helps security professionals stay informed and mitigate potential threats.
https://www.loldrivers.io/
#redteam #loldrivers #windows
Finding and exploiting process killer drivers with LOL for 3000$
In this article, I will introduce some kernel driver/internals theory and explain how to use the data in LOLDrivers to find interesting drivers. Finally, I will present 2 examples of vulnerable drivers and explain how to quickly reverse them and create a PoC to exploit them.
https://alice.climent-pommeret.red/posts/process-killer-driver/
#redteam #loldrivers #windows
WindowsNoExec - Abusing existing instructions to execute arbitrary code without allocating executable memory
https://www.x86matthew.com/view_post?id=windows_no_exec
#windows #ctf #malware #tips
Process Injection without R/W target memory and without creating a remote thread
https://github.com/Maff1t/InjectNtdllPOC
#windows #redteam #ctf #malware #tips
Centralized resource for listing and organizing known injection techniques and POCs
https://github.com/itaymigdal/awesome-injection
#redteam #malware #process #inject
Analyzing a Modern In-the-wild Android Exploit
https://googleprojectzero.blogspot.com/2023/09/analyzing-modern-in-wild-android-exploit.html
#expdev #android #linux
CVE-2023-40477 Root Cause Analysis (with PoC)
https://www.richardosgood.com/posts/cve---2023---4047-root-cause-analysis/
#expdev #windows #1day #winrar
Advanced Root Detection & Bypass Techniques
In this blog, we will explore techniques related to root detection on Android devices and methods to bypass it. Our main focus will be on the strategies employed by app developers to protect their applications and prevent them from running on compromised devices.
https://8ksec.io/advanced-root-detection-bypass-techniques/
#mobile #android #reverse #frida #root #detection #bypass
Emulating IoT Firmware Made Easy: Start Hacking Without the Physical Device
A step-by-step how-to guide to using QEMU on Ubuntu 18.04 to emulate embedded devices.
https://boschko.ca/qemu-emulating-firmware/
#qemu #firmware