rp++ is a tool written fully in C++ that aims to find ROP sequences in PE/ELF/Mach-O x86/x64 binaries https://github.com/0vercl0k/rp #exploitation #dukeBarman
GitHub
GitHub - 0vercl0k/rp: rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.
rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries. - 0vercl0k/rp
The Firmware Security Testing Methodology (FSTM) by OWASP https://github.com/scriptingxss/owasp-fstm #reverse #hardware #dukeBarman
GitHub
GitHub - scriptingxss/owasp-fstm: The Firmware Security Testing Methodology (FSTM) is composed of nine stages tailored to enable…
The Firmware Security Testing Methodology (FSTM) is composed of nine stages tailored to enable security researchers, software developers, consultants, and Information Security professionals with co...
Solving iOS UnCrackable 1 Crackme Without Using an iOS Device https://serializethoughts.com/2019/10/28/solving-mstg-crackme-angr #ios #CTF #dukeBarman
serializethoughts
Solving iOS UnCrackable 1 Crackme Without Using an iOS Device
TL;DR: iOS UnCrackable Level 1 crackme application can be solved without using an iOS device using Angr's dynamic execution engine.
PARTEMU: Enabling Dynamic Analysis of Real-World TrustZone Software Using Emulation https://people.eecs.berkeley.edu/~rohanpadhye/files/partemu-usenixsec20.pdf #android #hardware #dukeBarman
Google launches OpenTitan, an #opensource secure chip design project https://opentitan.org/ #hardware #dukeBarman
opentitan.org
Open source silicon root of trust (RoT) | OpenTitan
The first open source project building a transparent, high-quality reference design and integration guidelines for silicon root of trust (RoT) chips
Firmware Extraction at #Hack.lu 2019 https://2019.hack.lu/archive/2019/snarf-it_pub.pdf #reverse #hardware #dukeBarman
Isolating the logic of an encrypted protocol with LIEF and kaitai https://x-c3ll.github.io/posts/blackbox-lief-kaitai/ #reverse #dukeBarman
Doomsday Vault
Isolating the logic of an encrypted protocol with LIEF and kaitai
Article describing how we used LIEF to isolate target functions and kaitai to describe the protocol.
Analysis Corona DDoS bot https://maxkersten.nl/binary-analysis-course/malware-analysis/corona-ddos-bot/ #reverse #malware #ghidra
EFI DXE Emulator and Interactive Debugger
Source: https://github.com/gdbinit/efi_dxe_emulator
Article: https://reverse.put.as/2019/10/29/crafting-an-efi-emulator/
#debugger #efi #dukeBarman
GitHub
GitHub - gdbinit/efi_dxe_emulator: EFI DXE Emulator and Interactive Debugger
EFI DXE Emulator and Interactive Debugger. Contribute to gdbinit/efi_dxe_emulator development by creating an account on GitHub.
The One Weird Trick SecureROM Hates (and a few words about checkrain jailbreak) by qwertyoruiop #POC2019 http://iokit.racing/oneweirdtrick.pdf #ios #exploit #dukeBarman
Sojobo - A binary analysis framework based on B2R2 (https://github.com/B2R2-org/B2R2) - https://github.com/enkomio/Sojobo #reverse #dukeBarman
GitHub
GitHub - B2R2-org/B2R2: B2R2 is a collection of useful algorithms, functions, and tools for binary analysis.
B2R2 is a collection of useful algorithms, functions, and tools for binary analysis. - B2R2-org/B2R2
crauEmu is a modified version of uEmu for developing and analyzing payloads for code-reuse attacks https://github.com/DSecurity/crauEmu #reverse #ida #ZeroNights
GitHub
GitHub - DSecurity/crauEmu: crauEmu is an uEmu extension for developing and analyzing payloads for code-reuse attacks
crauEmu is an uEmu extension for developing and analyzing payloads for code-reuse attacks - DSecurity/crauEmu
https://research.checkpoint.com/the-road-to-qualcomm-trustzone-apps-fuzzing/ #fuzzing #android #a14xt
Check Point Research
The Road to Qualcomm TrustZone Apps Fuzzing - Check Point Research
Research By: Slava Makkaveev Trusted Execution Environment TrustZone is a security extension integrated by ARM into the Cortex-A processor. This extension creates an isolated virtual secure world which can be used by the main operating system running on the…
AFL in-memory fuzzing with Frida JS - absolutely useless https://github.com/andreafioraldi/frida-js-afl-instr #fuzzing #frida #android #dukeBarman
GitHub
GitHub - andreafioraldi/frida-js-afl-instr: An example on how to do performant in-memory fuzzing with AFL++ and Frida
An example on how to do performant in-memory fuzzing with AFL++ and Frida - andreafioraldi/frida-js-afl-instr
Paged Out! #2 was published https://pagedout.institute PDF: https://pagedout.institute/download/PagedOut_002_beta2.pdf #ezine #dukeBarman
Sourcetrail is now free and open-source! https://github.com/CoatiSoftware/Sourcetrail #codereview #dukeBarman
GitHub
GitHub - CoatiSoftware/Sourcetrail: Sourcetrail - free and open-source interactive source explorer
Sourcetrail - free and open-source interactive source explorer - CoatiSoftware/Sourcetrail