Для тех студентов, что хотят интересно и познавательно провести лето 2019, развиваться в области ИБ, компания Digital Security снова открывает набор на "Summ3r 0f h4ck" в Санкт-Петербурге https://habr.com/ru/company/dsec/blog/450036/ #traineeship #dukeBarman
Хабр
Summ3r 0f h4ck: стажировка Digital Security 2019
Digital Security, одна из крупнейших консалтинговых компаний в области ИБ, приглашает на программу летней стажировки «Summ3r 0f h4ck» в Санкт-Петербурге. Summ3r 0f h4ck пройдёт с 15 июля по 15 августа...
A Python implementation of IDA FindCrypt/FindCrypt2 plugin https://github.com/you0708/ida/tree/master/idapython_tools/findcrypt #ida #reverse #dukeBarman
GitHub
ida/idapython_tools/findcrypt at master · you0708/ida
IDA related stuff. Contribute to you0708/ida development by creating an account on GitHub.
Hello everyone! Finally, our forum has moved to a new engine. The forum has two main languages for communication. This is English and Russian. But English has priority now.
https://www.reverse4you.org
https://www.reverse4you.org
Slides from #ghidra workshop INFILTRATE 2019 https://github.com/0xAlexei/INFILTRATE2019/blob/master/INFILTRATE%20Ghidra%20Slides.pdf #reverse #dukeBarman
GitHub
INFILTRATE2019/INFILTRATE Ghidra Slides.pdf at master · 0xAlexei/INFILTRATE2019
INFILTRATE 2019 Demo Materials. Contribute to 0xAlexei/INFILTRATE2019 development by creating an account on GitHub.
How To Do Firmware Analysis. Tools, Tips, and Tricks https://www.pentestpartners.com/security-blog/how-to-do-firmware-analysis-tools-tips-and-tricks/ #hardware #reverse #dukeBarman
Pen Test Partners
How To Do Firmware Analysis. Tools, Tips, and Tricks | Pen Test Partners
So, you’ve got a firmware dump. Perhaps a raw read off a chip? An update file you downloaded off the internet? Now what? Taking a firmware dump and turning it into something useful can sometimes be painful. Sometimes you’ll be faced with proprietary (barely…
SAFE (Self Attentive Function Embedding) - compute binary function embeddings to find out if two functions are similar or not. Based on radare2. github: https://github.com/gadiluna/SAFE Article: https://medium.com/@massarelli/safe-self-attentive-function-embedding-d80abbfea794 #reverse #radare2 #dukeBarman
GitHub
GitHub - gadiluna/SAFE: SAFE: Self-Attentive Function Embeddings for binary similarity
SAFE: Self-Attentive Function Embeddings for binary similarity - gadiluna/SAFE
Working With Ghidra P-Code To Identify Vulnerable Function Calls https://www.riverloopsecurity.com/blog/2019/05/pcode/ #ghidra #dukeBarman
River Loop Security
Working With Ghidra’s P-Code To Identify Vulnerable Function …
Cybersecurity solutions for the whole lifecycle of IoT and embedded systems.
A set of Linux binary exploitation tasks for beginners https://github.com/xairy/easy-linux-pwn #exploit #dukeBarman
GitHub
GitHub - xairy/easy-linux-pwn: A set of Linux binary exploitation tasks for beginners on various architectures
A set of Linux binary exploitation tasks for beginners on various architectures - xairy/easy-linux-pwn
Overcoming fear: reversing with radare2 https://conference.hitb.org/hitbsecconf2019ams/materials/D1T3%20-%20Reversing%20with%20Radare2%20-%20Arnau%20Gamez%20Montolio.pdf #radare2 #reverse #dukeBarman
ANBU - Automatic New Binary Unpacker with PIN DBI Framework https://github.com/Fare9/ANBU #reverse #pin #dukeBarman
GitHub
GitHub - Fare9/ANBU: ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking.
ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking. - GitHub - Fare9/ANBU: ANBU (Automatic New Binary Unpacker) a tool for me to learn ...
GDB 8.3 Debugger Brings RISC-V, Terminal Styling, C++ Injection, IPv6 Connections https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=blob_plain;f=gdb/NEWS;hb=gdb-8.3-release #debugger #dukeBarman
New class of speculative execution vulnerability: MDS (Microarchitectural Data Sampling) is a hardware vulnerability which allows unprivileged speculative access to data which is available in various CPU internal buffers.
RIDL and Fallout: MDS attacks
"Intro": https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html
Official site: https://mdsattacks.com/
Patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
#hardware #exploit #dukeBarman
RIDL and Fallout: MDS attacks
"Intro": https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html
Official site: https://mdsattacks.com/
Patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
#hardware #exploit #dukeBarman
Plugin for Ghidra to assist reversing Golang binaries https://github.com/felberj/gotools #reverse #ghidra #dukeBarman
GitHub
GitHub - felberj/gotools: Plugin for Ghidra to assist reversing Golang binaries
Plugin for Ghidra to assist reversing Golang binaries - felberj/gotools
Forwarded from OFFZONE
Уязвимости спекулятивного исполнения в современных процессорах свалились как снег на голову, но, кажется, худшее уже позади🙂
Хотя атаки типа Spectre и останутся с нами навсегда, чтобы уберечь нас от таких уязвимостей Intel CPU как Meltdown и Foreshadow, были внедрены различные меры. В свою очередь, разработчики браузеров внедрили изоляцию процессов, а у Intel даже есть кремниевые исправления в своих последних CPU.
Вы чувствуете себя в безопасности? 😈
Себастьян Остерлунд и Стефан Ван Шейк, члены исследовательской группы VUSec, выступят с подробным докладом о новых уязвимостях Intel на OFFZONE 2019.
#ridl #mds
Подробнее: https://offzone.moscow/ru/news/sebastian-sterlund-and-stephan-van-schaik-will-give-an-in-depth-talk-on-the-intel-s-new-vulnerabilit/
Хотя атаки типа Spectre и останутся с нами навсегда, чтобы уберечь нас от таких уязвимостей Intel CPU как Meltdown и Foreshadow, были внедрены различные меры. В свою очередь, разработчики браузеров внедрили изоляцию процессов, а у Intel даже есть кремниевые исправления в своих последних CPU.
Вы чувствуете себя в безопасности? 😈
Себастьян Остерлунд и Стефан Ван Шейк, члены исследовательской группы VUSec, выступят с подробным докладом о новых уязвимостях Intel на OFFZONE 2019.
#ridl #mds
Подробнее: https://offzone.moscow/ru/news/sebastian-sterlund-and-stephan-van-schaik-will-give-an-in-depth-talk-on-the-intel-s-new-vulnerabilit/
RISC-V from scratch 1: Introduction, toolchain setup, and hello world! https://twilco.github.io/riscv-from-scratch/2019/03/10/riscv-from-scratch-1.html
RISC-V from scratch 2: Hardware layouts, linker scripts, and C runtimes https://twilco.github.io/riscv-from-scratch/2019/04/27/riscv-from-scratch-2.html
#hardware #risc-v #dukeBarman
RISC-V from scratch 2: Hardware layouts, linker scripts, and C runtimes https://twilco.github.io/riscv-from-scratch/2019/04/27/riscv-from-scratch-2.html
#hardware #risc-v #dukeBarman
twilco’s blog
RISC-V from scratch 1: Introduction, toolchain setup, and hello world!
A post that discusses what RISC-V is and why it’s important, teaches readers how to install the GNU RISC-V toolchain, and walks through building and running a simple C program on emulated RISC-V hardware.
Cutter v1.8.2 has just been released! https://github.com/radareorg/cutter/releases/tag/v1.8.2 #radare2 #reverse #dukeBarman
GitHub
Release Cutter 1.8.2 · rizinorg/cutter
Additions
Updated radare2 to 3.5.1
New Hexedit (#1516)
Save Console Wrap in QSettings (#1550)
Added hotkeys for undo and redo seek (#1514)
Added advanced options aao and avrr to the initial option...
Updated radare2 to 3.5.1
New Hexedit (#1516)
Save Console Wrap in QSettings (#1550)
Added hotkeys for undo and redo seek (#1514)
Added advanced options aao and avrr to the initial option...