Beginner RE and Cryptanalysis with cutter https://daringjoker.wordpress.com/2020/05/03/chransomware1/ #radare2 #reverse #dukeBarman
DaringJoker
Beginner RE and Cryptanalysis with cutter
This time around we will be solving MalwareTech’s Ransomware Challenge. It is one of the easiest challenges, but it will be an exercise in reverse engineering and cryptanalysis. We w…
Nazar: Spirits of the Past https://research.checkpoint.com/2020/nazar-spirits-of-the-past/ #reverse #malware #dukeBarman
Check Point Research
Nazar: Spirits of the Past - Check Point Research
In mid-2017, The Shadow Brokers exposed NSA files in a leak known as "Lost In Translation". Recently, a researcher uncovered "Nazar", a previously-unknown APT that was mentioned in the leak. We decided to dive into each and every one of the components and share…
Bugs on the Windshield: Fuzzing the Windows Kernel https://research.checkpoint.com/2020/bugs-on-the-windshield-fuzzing-the-windows-kernel/ #fuzzing #dukeBarman
Check Point Research
Bugs on the Windshield: Fuzzing the Windows Kernel - Check Point Research
Research By: Netanel Ben-Simon and Yoav Alon Background: In our previous research, we used WinAFL to fuzz user-space applications running on Windows, and found over 50 vulnerabilities in Adobe Reader and Microsoft Edge. For our next challenge, we decided…
The u-booting securely https://labs.f-secure.com/assets/BlogFiles/2020-05-u-booting-securely-wp-final.pdf #hardware #dukeBarman
F-Secure
0-click RCE via MMS in all modern Samsung phones (released 2015+) by j00ru:
- Video: https://www.youtube.com/watch?v=nke8Z3G4jnc
- Issue: https://bugs.chromium.org/p/project-zero/issues/detail?id=2002 (detailed report on the codec, the fuzzing process, and the crashes)
- Article: Waiting for...
#exploitation #android #dukeBarman
YouTube
Exploitation of a Samsung Galaxy Note 10+ Zero-Click RCE Bug via MMS
Director's cut with a soundtrack: https://youtu.be/ZQnb8kRMkHg.
This video demonstrates the exploitation of a vulnerability in the custom Samsung Qmage image codec via MMS. The exploit proof-of-concept achieves remote code execution with no user interaction…
Frida Cheatsheet and Code Snippets for Android - Quick reference guide for Frida code snippets used for Android dynamic instrumentation https://erev0s.com/blog/frida-code-snippets-for-android/ #frida #android #dukeBarman
Erev0S
Frida code snippets for Android
Quick reference guide for Frida code snippets used for Android dynamic instrumentation.
Extending IDA processor modules for GDB debugging https://www.hex-rays.com/blog/extending-ida-processor-modules-for-gdb-debugging/ #reverse #ida #debugger #dukeBarman
Using Intel PT for Vulnerability Triaging with IPTAnalyzer https://darungrim.com/research/2020-05-07-UsingIntelPTForVulnerabilityTriagingWithIPTAnalyzer.html #reverse #hardware #dukeBarman
UEFI_RETool v1.2.0 was released https://github.com/yeggor/UEFI_RETool/releases/tag/1.2.0 #reverse #uefi #hardware #dukeBarman
GitHub
Release 1.2.0 · yeggor/uefi_retool
readme updated
Hardwear IO VirtualCon2020 has started to publish videos https://www.youtube.com/watch?v=_chBxq4P_5Y&list=PL8tHFrmzAuvTZqb3Cfm0qtv2m7-47Cwgj #reverse #conference #videos #dukeBarman
YouTube
Hardwear IO VirtualCon2020 WallChallenge QuestionsAnswers
These are the Wall Challenge Questions and Answers from the Hardwear.io Virtual Con 2020.
The Cereals Story - Creating a Botnet During Breakfast (the IoT malware patched other vulnerabilities and was used only to download anime) https://www.forcepoint.com/blog/x-labs/botnets-nas-nvr-devices #malware #dukeBarman
Forcepoint
The Cereals Story - Creating a Botnet During Breakfast
We are proud to provide all the details we’ve been asked for since presenting our research last December at Botconf 2019. If you own a D-Link NAS or NVR device, care about network security or are just interested in exotic IoT botnets, this one is for…
Cutter v1.10.3 has just been released! Now with improved UI and documentation, better debug experience, newest radare2 version, implemented patching and writing features on Hexdump, ... https://cutter.re/ #reverse #radare2 #dukeBarman
CVE-2020-0932: Remote Code Execution on Microsoft SharePoint Using TypeConverters https://www.thezdi.com/blog/2020/4/28/cve-2020-0932-remote-code-execution-on-microsoft-sharepoint-using-typeconverters #exploit #dukeBarman
Zero Day Initiative
Zero Day Initiative — CVE-2020-0932: Remote Code Execution on Microsoft SharePoint Using TypeConverters
In April 2020, Microsoft released four Critical and two Important-rated patches to fix remote code execution bugs in Microsoft SharePoint. All these are deserialization bugs. Two came through the ZDI program from an anonymous researcher: CVE-2020-0931 and…
GDBFrontend is an easy, flexible and extensible GUI debugger
Download: https://github.com/rohanrhu/gdb-frontend
Article: https://oguzhaneroglu.com/projects/gdb-frontend/
#reverse #debugger #dukeBarman
GitHub
GitHub - rohanrhu/gdb-frontend: ☕ GDBFrontend is an easy, flexible and extensible gui debugger.
TIMEP: Test Interface for Multiple Embedded Protocols https://systemoverlord.com/2020/05/08/announcing-timep-test-interface-for-multiple-embedded-protocols.html #debugger #hardware #dukeBarman
System Overlord
Announcing TIMEP: Test Interface for Multiple Embedded Protocols
Today I’m releasing a new open source hardware (OSHW) project – the Test Interface for Multiple Embedded Protocols (TIMEP). It’s based around the FTDI FT2232H chip and logic level shifters to provide breakouts, buffering, and level conversion for a number…
CVE-2020-3919 - IOHIDFamily Uninitialised Kernel Memory Vulnerability https://alexplaskett.github.io/CVE-2020-3919/ #macos #ios #exploit #dukeBarman
Amit Merchant - Software Engineer
CVE-2020-3919 - IOHIDFamily Uninitialised Kernel Memory Vulnerability
Recently Apple patched a vulnerability (CVE-2020-3919) in IOHIDFamily in their security update 10.15.4 which may allow a malicious application to execute arbitrary code with kernel privileges. It turns out this bug also affected iOS too.
Posts about Game Hacking by CaptnBanana https://twitter.com/CaptnBanana/status/1259226596331982849?s=19
Game Hacking #1: Developing Hacks for idTech3 Based Games https://bananamafia.dev/post/multihack/
Game Hacking #2: Coding A CS:GO Hack https://bananamafia.dev/post/bananabot/
#reverse #dukeBarman
Sigreturn-oriented programming (SROP) exploitation with radare2 https://bananamafia.dev/post/srop/ #reverse #exploitation #radare2 #dukeBarman
When Lightning Strikes Thrice: Breaking Thunderbolt 3 Protocol Security https://thunderspy.io/ #hardware #exploitation #dukeBarman