A workshop about hash collisions exploitations by Ange Albertini
Slides: https://speakerdeck.com/ange/colltris
Materials: https://github.com/corkami/collisions/blob/master/workshop/README.md
#reverse #dukeBarman
Speaker Deck
Colltris
A workshop about hash collisions exploitations.
Extra materials @ https://github.com/corkami/collisions/blob/master/workshop/README.md
Current ver…
Modern Binary Analysis with ILs:
An interesting talk on binary analysis problems and important aspects of an IL.
https://binary.ninja/presentations/Modern%20Binary%20Analysis%20with%20ILs.pdf
#re #binary #trietptm
KTRW: The journey to build a debuggable iPhone (performing single-step kernel debugging with LLDB and IDA Pro over USB)
Article: https://googleprojectzero.blogspot.com/2019/10/ktrw-journey-to-build-debuggable-iphone.html
Source: https://github.com/googleprojectzero/ktrw #ios #debugger #dukeBarman
Blogspot
KTRW: The journey to build a debuggable iPhone
Posted by Brandon Azad, Project Zero In my role here at Project Zero, I do not use some of the tooling used by some external iOS securit...
"Leveraging KVM as a debugging platform" https://drive.google.com/file/d/1nFoCM62BWKSz2TKhNkrOjVwD8gP51VGK/view #debugger #hacklu #dukeBarman
Platform Security Summit 2019 videos https://www.youtube.com/watch?v=WmC65VrnBPI&list=PLZZv_tsTtzHb2P6z9JGCRldtTdhJb3y0C #hardware #conference #dukeBarman
YouTube
Growing Risks in the Software Supply Chain — Mark Sherman, CMU — Platform Security Summit 2019
https://PlatformSecuritySummit.com/2019/speaker/sherman
Today’s software is largely assembled rather than written, and most of the assembly comes from open source components. The creation of components and their inclusion into applications creates a “supply…
#radare2 4.0 is out! codename "Kràmpack" https://github.com/radareorg/radare2/releases/tag/4.0.0 #reverse #dukeBarman
GitHub
Release v4.0 : Codename Kràmpack - vifino edition · radareorg/radare2
Release Notes
Version: 4.0.0
From: 3.9.0
To: 4.0.0
Commits: 299
Contributors: 48
Changes
anal
Bring back the MASK_DISASM because not all nanal plugins support it yet ##anal
Select default var type...
Hardware Hacking Cheatsheet infograph https://github.com/arunmagesh/hw_hacking_cheatsheet #hardware #reverse #dukeBarman
r2elk: #Radare2 API bindings to extract binary metadata into Elasticsearch https://github.com/jaredestroud/r2elk #reverse #dukeBarman
GitHub
GitHub - archcloudlabs/r2elk: Radare2 Metadata Extraction to Elasticsearch
Reverse Engineering and Code Emulation with #Ghidra
Slides: https://github.com/kc0bfv/Saintcon2019GhidraTalk
Video: https://twitch.tv/videos/498159435
Source of python pcode emulator: https://github.com/kc0bfv/pcode-emulator
#reverse #dukeBarman
GitHub
GitHub - kc0bfv/Saintcon2019GhidraTalk: The slides from my Saintcon 2019 talk.
Arbitrary Code Guard vs. Kernel Code Injections https://www.countercraft.eu/blog/post/arbitrary-vs-kernel/ #reverse #dukeBarman
Destroying x86_64 instruction decoders with differential fuzzing
Article: https://blog.trailofbits.com/2019/10/31/destroying-x86_64-instruction-decoders-with-differential-fuzzing/
Source: https://github.com/trailofbits/mishegos
#fuzzing #dukeBarman
The Trail of Bits Blog
Destroying x86_64 instruction decoders with differential fuzzing
TL;DR: x86_64 decoding is hard, and the number and variety of implementations available for it makes it uniquely suited to differential fuzzing. We’re open sourcing mishegos, a differential fuzzer for instruction decoders. You can use it to discover discrepancies…
Building A Custom Tool For Shellcode Analysis https://www.sentinelone.com/blog/building-a-custom-tool-for-shellcode-analysis/ #malware #dukeBarman
SentinelOne
Building A Custom Tool For Shellcode Analysis
The Zero2Hero malware course continues with Daniel Bunce demonstrating how to write a custom tool to load, execute and debug malicious shellcode in memory.
Fileless Malware Infection And Linux Process Injection In Linux OS
Video: https://www.youtube.com/watch?v=RvBj8C5okp0
Slides: https://2019.hack.lu/archive/2019/Fileless-Malware-Infection-and-Linux-Process-Injection-in-Linux-OS.pdf
Article: https://blog.malwaremustdie.org/2019/10/more-about-my-2019hacklu-keynote-talk.html?m=1
#reverse #linux #malware #dukeBarman
YouTube
Fileless Malware Infection And Linux Process Injection In Linux OS - Hendrik Adrian
Analyzing Golang Executables https://www.pnfsoftware.com/blog/analyzing-golang-executables/ #reverse #dukeBarman
Cemu 0.5 was released (Cheap EMUlator: lightweight multi-architecture assembly playground) https://github.com/hugsy/cemu #reverse #dukeBarman
GitHub
GitHub - hugsy/cemu: Cheap EMUlator: lightweight multi-architecture assembly playground
IPython console integration for #IDA Pro https://github.com/eset/ipyida
- Support for IDA 7.4 and Python 3 (Python 2 and previous IDA still supported)
- Dark mode
- Load ipyidarc.py file on startup
#reverse #dukeBarman
GitHub
GitHub - eset/ipyida: IPython console integration for IDA Pro
rp++ is a full-cpp written tool that aims to find ROP sequences in PE/Elf/Mach-O x86/x64 binaries https://github.com/0vercl0k/rp #exploitation #dukeBarman
GitHub
GitHub - 0vercl0k/rp: rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.
The Firmware Security Testing Methodology (FSTM) by OWASP https://github.com/scriptingxss/owasp-fstm #reverse #hardware #dukeBarman
GitHub
GitHub - scriptingxss/owasp-fstm: The Firmware Security Testing Methodology (FSTM) is composed of nine stages tailored to enable…
The Firmware Security Testing Methodology (FSTM) is composed of nine stages tailored to enable security researchers, software developers, consultants, and Information Security professionals with co...