An Introduction To Code Analysis With Ghidra https://threatvector.cylance.com/en_us/home/an-introduction-to-code-analysis-with-ghidra.html #ghidra #reverse #newbie #dukeBarman
RPC_SERVER_INTERFACE parser for Ghidra https://blog.sektor7.net/#!res/2019/RPC-parser.md #ghidra #reverse #dukeBarman
Update for #Ghidra building docker image: https://github.com/dukebarman/ghidra-builder Now you can build this from the host's source folder. #reverse #dukeBarman
Collin Mulliner released the FwAnalyzer, a tool for automated review of firmware images, at #Blackhat 2019 https://github.com/cruise-automation/fwanalyzer #reverse #hardware #dukeBarman
Arm IDA and Cross Check: Reversing the Boeing 787's Core Network https://i.blackhat.com/USA-19/Wednesday/us-19-Santamarta-Arm-IDA-And-Cross-Check-Reversing-The-787-Core-Network.pdf #reverse #hardware #blackhat #dukeBarman
Attacking iPhone XS Max https://i.blackhat.com/USA-19/Thursday/us-19-Wang-Attacking-IPhone-XS-Max.pdf #exploit #blackhat #ios #dukeBarman
Building a custom malware sandbox with PANDA - Part 1 https://adalogics.com/blog/Building-a-custom-malware-sandbox-with-PANDA-Part-1 #reverse #malware #dukeBarman
A set of tools able to transform hardware execution traces into formats more suitable for integration into other tools https://github.com/lse/wakare #reverse #radare2 #binaryninja #dukeBarman
Paged Out! #1 is out! (It is a new experimental (one article == one page) free magazine about programming, hacking, security hacking, and other similar topics from famous hackers). https://pagedout.institute/?page=issues.php #ezine #PagedOut #dukeBarman
#ScrewedDrivers: Common Design Flaw In Dozens (40+) of Device Drivers Allows Widespread Windows Compromise https://eclypsium.com/wp-content/uploads/2019/08/DEFCON-27-Get-off-the-kernel-if-you-cant-drive.pdf #hardware #exploit #dukeBarman
Modern Debugging with WinDbg Preview https://github.com/hugsy/defcon_27_windbg_workshop/ #debugger #defcon #windbg #dukeBarman
Software Reverse Engineering with Ghidra (C++ mostly) https://www.youtube.com/playlist?list=PLRAe18TJ_NTE9cr18OPphn82WS8gVv-te #ghidra #reverse #video #dukeBarman
"Advancing Windows Security" https://www.microsoft.com/en-us/videoplayer/embed/RE3a7fD #windows #bluehat #video #dukeBarman
IDA+Triton plugin in order to extract opaque predicates using a Forward-Bounded DSE https://github.com/JonathanSalwan/X-Tunnel-Opaque-Predicates #ida #dukeBarman
XPN's RpcEnum but based on IDA instead of Ghidra https://github.com/tsarpaul/RpcEnumIDA #ida #dukeBarman
Reversing Cisco IOS Raw Binary Firmware Images with Ghidra https://gist.github.com/nstarke/ed0aba2c882b8b3078747a567ee00520 #ghidra #reverse #dukeBarman
Good news! New versions of #IDA will move to Python3 https://www.hex-rays.com/products/ida/support/ida74_idapython_python3.shtml #reverse #dukeBarman
Extract annotations from Ghidra into an X32/X64 dbg database https://github.com/revolver-ocelot-saa/GhidraX64Dbg #reverse #ghidra #dukeBarman