Working With Ghidra P-Code To Identify Vulnerable Function Calls https://www.riverloopsecurity.com/blog/2019/05/pcode/ #ghidra #dukeBarman
A set of Linux binary exploitation tasks for beginners https://github.com/xairy/easy-linux-pwn #exploit #dukeBarman
Overcoming fear: reversing with radare2 https://conference.hitb.org/hitbsecconf2019ams/materials/D1T3%20-%20Reversing%20with%20Radare2%20-%20Arnau%20Gamez%20Montolio.pdf #radare2 #reverse #dukeBarman
ANBU - Automatic New Binary Unpacker with PIN DBI Framework https://github.com/Fare9/ANBU #reverse #pin #dukeBarman
GDB 8.3 Debugger Brings RISC-V, Terminal Styling, C++ Injection, IPv6 Connections https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=blob_plain;f=gdb/NEWS;hb=gdb-8.3-release #debugger #dukeBarman
New class of speculative execution vulnerability: MDS (Microarchitectural Data Sampling) is a hardware vulnerability which allows unprivileged speculative access to data which is available in various CPU internal buffers.
RIDL and Fallout: MDS attacks
"Intro": https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html
Official site: https://mdsattacks.com/
Patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
#hardware #exploit #dukeBarman
Plugin for Ghidra to assist reversing Golang binaries https://github.com/felberj/gotools #reverse #ghidra #dukeBarman
Forwarded from OFFZONE
Speculative execution vulnerabilities in modern processors came out of the blue, but it seems the worst is behind us 🙂
Although Spectre-type attacks will stay with us forever, various measures have been introduced to protect us from Intel CPU vulnerabilities such as Meltdown and Foreshadow. Browser vendors, in turn, have implemented process isolation, and Intel even has silicon fixes in its latest CPUs.
Do you feel safe? 😈
Sebastian Österlund and Stephan van Schaik, members of the VUSec research group, will give an in-depth talk on the new Intel vulnerabilities at OFFZONE 2019.
#ridl #mds
More details: https://offzone.moscow/ru/news/sebastian-sterlund-and-stephan-van-schaik-will-give-an-in-depth-talk-on-the-intel-s-new-vulnerabilit/
RISC-V from scratch 1: Introduction, toolchain setup, and hello world! https://twilco.github.io/riscv-from-scratch/2019/03/10/riscv-from-scratch-1.html
RISC-V from scratch 2: Hardware layouts, linker scripts, and C runtimes https://twilco.github.io/riscv-from-scratch/2019/04/27/riscv-from-scratch-2.html
#hardware #risc-v #dukeBarman
Cutter v1.8.2 has just been released! https://github.com/radareorg/cutter/releases/tag/v1.8.2 #radare2 #reverse #dukeBarman
Principal Reverse Engineer (Remote Full Time Job)
https://forum.reverse4you.org/t/principal-reverse-engineer-remote-full-time-job/10561
#вакансия #vacancy
Ghidra Processor Documentation Downloader https://gist.github.com/richinseattle/a80ebb7e2e4d4c8a815bc052b6c12210 #ghidra #dukeBarman
LaunchWinAFL Usage:
1) Install dynamorio and winafl
2) add https://gist.github.com/richinseattle/613105953003ec5e1f24ca17b2d8541f to ghidra scripts, set some one-time config at top; install paths, etc
3) load target exe & coverage dlls into ghidra
4) go to target function in disasm
5) run script to start fuzzing!
#ghidra #fuzzing #dukeBarman
In this episode, Mark Downie shows "Time Travel Debugging" https://channel9.msdn.com/Shows/Visual-Studio-Toolbox/Time-Travel-Debugging #debugger #dukeBarman
Ret-sync now supports Ghidra (syncing with popular debuggers) https://github.com/bootleg/ret-sync #ghidra #reverse #debugger #dukeBarman
MrsPicky - An IDAPython decompiler script that helps auditing calls to the memcpy(dst, src, n) and memmove(dst, c, n) functions. https://github.com/patois/mrspicky #ida #dukeBarman
Razzer: Finding kernel race bugs through fuzzing https://github.com/compsec-snu/razzer #fuzzing #linux #dukeBarman