A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms) https://github.com/marin-m/vmlinux-to-elf #reverse #linux #dukeBarman
GitHub
GitHub - marin-m/vmlinux-to-elf: A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol…
A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms) - marin-m/vmlinux-to-elf
Integrate Ghidra's decompiler as an Ida plugin https://github.com/cseagle/blc #reverse #ida #ghidra #dukeBarman
GitHub
GitHub - cseagle/blc: Integrate Ghidra's decompiler as an Ida plugin
Integrate Ghidra's decompiler as an Ida plugin. Contribute to cseagle/blc development by creating an account on GitHub.
Library to disassemble MC7 bytecode for Siemens PLC SIMATIC S7-300 and S7-400 https://github.com/wargio/libmc7 #reverse #radare2 #dukeBarman
GitHub
GitHub - rizinorg/rz-libmc7: Library to disassemble MC7 bytecode for Siemens PLC SIMATIC S7-300 and S7-400
Library to disassemble MC7 bytecode for Siemens PLC SIMATIC S7-300 and S7-400 - rizinorg/rz-libmc7
Three Heads are Better Than One: Mastering Ghidra - Alexei Bulazel, Jeremy Blackthorne - INFILTRATE 2019 https://vimeo.com/335158460 #reverse #ghidra #dukeBarman
Vimeo
Three Heads are Better Than One: Mastering Ghidra - Alexei Bulazel, Jeremy Blackthorne - INFILTRATE 2019
INFILTRATE 2020 will be held October 11-16, Miami Beach, Florida, infiltratecon.com
Remote iPhone Exploitation
https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-1.html
https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-2.html
https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-3.html
#exploit #ios #dukeBarman
https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-1.html
https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-2.html
https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-3.html
#exploit #ios #dukeBarman
Blogspot
Remote iPhone Exploitation Part 1: Poking Memory via iMessage and CVE-2019-8641
Posted by Samuel Groß, Project Zero Introduction This is the first blog post in a three-part series that will detail how a vulnerability...
Windows Debugging & Exploiting
Windows Debugging & Exploiting Part 1 - Environment Setup https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/windows-debugging-exploiting-part-1-environment-setup/
Windows Debugging & Exploiting Part 2 - WinDBG 101 https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/windows-debugging-exploiting-part-2-windbg-101/
Windows Debugging & Exploiting Part 3: WinDBG Time Travel Debugging https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/windows-debugging-exploiting-part-3-windbg-time-travel-debugging/
#debugger #windbg #reverse #dukeBarman
Windows Debugging & Exploiting Part 1 - Environment Setup https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/windows-debugging-exploiting-part-1-environment-setup/
Windows Debugging & Exploiting Part 2 - WinDBG 101 https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/windows-debugging-exploiting-part-2-windbg-101/
Windows Debugging & Exploiting Part 3: WinDBG Time Travel Debugging https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/windows-debugging-exploiting-part-3-windbg-time-travel-debugging/
#debugger #windbg #reverse #dukeBarman
Trustwave
Windows Debugging & Exploiting Part 1 - Environment Setup
In this blog series, I will try to set some base knowledge for Windows system debugging and exploitation and present how to setup an environment for remote kernel debugging.
Native XEX loader for IDA 7+, supporting most known Xbox360 executable formats. https://github.com/emoose/idaxex #reverse #ida #dukeBarman
GitHub
GitHub - emoose/idaxex: Xbox/Xbox360 loader plugin for IDA 9, and xex1tool, supporting most known Xbox executable file formats…
Xbox/Xbox360 loader plugin for IDA 9, and xex1tool, supporting most known Xbox executable file formats (XEX/XBE) - emoose/idaxex
[ KASLD ] Kernel Address Space Layout Derandomization - A collection of various techniques to bypass KASLR and retrieve the Linux kernel base virtual address on x86 / x86_64 architectures as an unprivileged user https://github.com/bcoles/kasld #exploitation #linux #dukeBarman
GitHub
GitHub - bcoles/kasld: Kernel Address Space Layout Derandomization (KASLD) - A collection of various techniques to infer the Linux…
Kernel Address Space Layout Derandomization (KASLD) - A collection of various techniques to infer the Linux kernel base virtual address as an unprivileged local user, for the purpose of bypassing K...
Nightmare is an intro to binary exploitation / reverse engineering course based around ctf challenges (binaries + writeups by hacking topics) https://github.com/guyinatuxedo/nightmare #reverse #exploitation #dukeBarman
GitHub
GitHub - guyinatuxedo/nightmare
Contribute to guyinatuxedo/nightmare development by creating an account on GitHub.
Browser jit exploitation quick start by https://twitter.com/hosselot/
- @5aelo Phrack paper is the base: http://phrack.org/papers/attacking_javascript_engines.html
- @LiveOverflow well-described video series: https://liveoverflow.com/tag/browser-exploitation/
- @bkth_ presentation in SSTIC 2019: https://sstic.org/media/SSTIC2019/SSTIC-actes/Pwning_Browsers/SSTIC2019-Slides-Pwning_Browsers-keith.pdf
Also:
- https://doar-e.github.io
- https://phoenhex.re
#exploit #exploitation #dukeBarman
- @5aelo Phrack paper is the base: http://phrack.org/papers/attacking_javascript_engines.html
- @LiveOverflow well-described video series: https://liveoverflow.com/tag/browser-exploitation/
- @bkth_ presentation in SSTIC 2019: https://sstic.org/media/SSTIC2019/SSTIC-actes/Pwning_Browsers/SSTIC2019-Slides-Pwning_Browsers-keith.pdf
Also:
- https://doar-e.github.io
- https://phoenhex.re
#exploit #exploitation #dukeBarman
X (formerly Twitter)
Hossein Lotfi (@hosselot) on X
Vulnerability researcher at ZDI (views are my own). Check #hosselot_tips for vulnerability research tips. 'A machine never faults. It reflects human's faults.'
BattlEye Anticheat: Analysis And Mitigation
Part1:
https://vmcall.blog/battleye-anticheat-analysis-and-mitigation/
Part2:
https://vmcall.blog/battleye-analysis-2020/
RU:
https://habr.com/ru/post/483068/
#reverse #dukeBarman
Part1:
https://vmcall.blog/battleye-anticheat-analysis-and-mitigation/
Part2:
https://vmcall.blog/battleye-analysis-2020/
RU:
https://habr.com/ru/post/483068/
#reverse #dukeBarman
Хабр
Реверс-инжиниринг популярного античита BattlEye
BattlEye — это преимущетвенно немецкий сторонний античит, в основном разрабатываемый 32-летним Бастианом Хейко Сутером. Он предоставляет (или пытается предостав...
UEFI modules analysing with BinDiff IDA plugin https://yeggor.github.io/UEFI_BinDiff/ #reverse #dukeBarman
A collection of pwn/CTF related utilities for Ghidra https://github.com/0xb0bb/pwndra #reverse #ctf #ghidra #dukeBarman
GitHub
GitHub - 0xb0bb/pwndra: A collection of pwn/CTF related utilities for Ghidra
A collection of pwn/CTF related utilities for Ghidra - 0xb0bb/pwndra
Reverse engineering course by Z0F. Focuses on x64 Windows https://github.com/0xZ0F/Z0FCourse_ReverseEngineering #reverse #dukeBarman
GitHub
GitHub - 0xZ0F/Z0FCourse_ReverseEngineering: Reverse engineering focusing on x64 Windows.
Reverse engineering focusing on x64 Windows. Contribute to 0xZ0F/Z0FCourse_ReverseEngineering development by creating an account on GitHub.
Fifty shades darker: no safe wor(l)d in SMM https://www.synacktiv.com/posts/exploit/through-the-smm-class-and-a-vulnerability-found-there.html #reverse #uefi #hardware #dukeBarman
#Ghidra Script that sets the names for missing function names by looking for relevant patterns in the binary (using regex!) https://github.com/alephsecurity/general-research-tools/tree/master/ghidra_scripts #reverse #dukeBarman
GitHub
general-research-tools/ghidra_scripts at master · alephsecurity/general-research-tools
Contribute to alephsecurity/general-research-tools development by creating an account on GitHub.