Using Intel PT for Vulnerability Triaging with IPTAnalyzer https://darungrim.com/research/2020-05-07-UsingIntelPTForVulnerabilityTriagingWithIPTAnalyzer.html #reverse #hardware #dukeBarman
UEFI_RETool v1.2.0 was released https://github.com/yeggor/UEFI_RETool/releases/tag/1.2.0 #reverse #uefi #hardware #dukeBarman
GitHub
Release 1.2.0 · yeggor/uefi_retool
readme updated
Hardwear IO VirtualCon2020 has started to publish videos https://www.youtube.com/watch?v=_chBxq4P_5Y&list=PL8tHFrmzAuvTZqb3Cfm0qtv2m7-47Cwgj #reverse #conference #videos #dukeBarman
YouTube
Hardwear IO VirtualCon2020 WallChallenge QuestionsAnswers
These are the Wall Challenge Questions and Answers from the Hardware.IO Virtual Con 2020.
The Cereals Story - Creating a Botnet During Breakfast (the IoT malware patched other vulns and was used only to download anime) https://www.forcepoint.com/blog/x-labs/botnets-nas-nvr-devices #malware #dukeBarman
Forcepoint
The Cereals Story - Creating a Botnet During Breakfast
We are proud to provide all the details what we've been asked for since presenting our research last December at Botconf 2019. If you own a D-Link NAS or NVR device, care about network security or just being interested in exotic IoT botnets; this one is for…
Cutter v1.10.3 has just been released! Now with improved UI and documentation, better debug experience, newest radare2 version, implemented patching and writing features on Hexdump, ... https://cutter.re/ #reverse #radare2 #dukeBarman
CVE-2020-0932: Remote Code Execution on Microsoft SharePoint Using TypeConverters https://www.thezdi.com/blog/2020/4/28/cve-2020-0932-remote-code-execution-on-microsoft-sharepoint-using-typeconverters #exploit #dukeBarman
Zero Day Initiative
Zero Day Initiative - CVE-2020-0932: Remote Code Execution on Microsoft SharePoint Using TypeConverters
In April 2020, Microsoft released four Critical and two Important-rated patches to fix remote code execution bugs in Microsoft SharePoint. All these are deserialization bugs. Two came through the ZDI program from an anonymous researcher: CVE-2020-0931 and…
GDBFrontend is an easy, flexible and extensible gui debugger
Download: https://github.com/rohanrhu/gdb-frontend
Article: https://oguzhaneroglu.com/projects/gdb-frontend/
#reverse #debugger #dukeBarman
GitHub
GitHub - rohanrhu/gdb-frontend: GDBFrontend is an easy, flexible and extensible gui debugger.
GDBFrontend is an easy, flexible and extensible gui debugger. - rohanrhu/gdb-frontend
TIMEP: Test Interface for Multiple Embedded Protocols https://systemoverlord.com/2020/05/08/announcing-timep-test-interface-for-multiple-embedded-protocols.html #debugger #hardware #dukeBarman
System Overlord
Announcing TIMEP: Test Interface for Multiple Embedded Protocols
Today I'm releasing a new open source hardware (OSHW) project - the Test Interface for Multiple Embedded Protocols (TIMEP). It's based around the FTDI FT2232H chip and logic level shifters to provide breakouts, buffering, and level conversion for a number…
CVE-2020-3919 - IOHIDFamily Uninitialised Kernel Memory Vulnerability https://alexplaskett.github.io/CVE-2020-3919/ #macos #ios #exploit #dukeBarman
Amit Merchant - Software Engineer
CVE-2020-3919 - IOHIDFamily Uninitialised Kernel Memory Vulnerability
Recently Apple patched a vulnerability (CVE-2020-3919) in IOHIDFamily in their security update 10.15.4 which may allow a malicious application to execute arbitrary code with kernel privileges. It turns out this bug also affected iOS too.
Posts about Game Hacking by CaptnBanana https://twitter.com/CaptnBanana/status/1259226596331982849?s=19
Game Hacking #1: Developing Hacks for idTech3 Based Games https://bananamafia.dev/post/multihack/
Game Hacking #2: Coding A CS:GO Hack https://bananamafia.dev/post/bananabot/
#reverse #dukeBarman
Sigreturn-oriented programming (SROP) exploitation with radare2 https://bananamafia.dev/post/srop/ #reverse #exploitation #radare2 #dukeBarman
When Lightning Strikes Thrice: Breaking Thunderbolt 3 Protocol Security https://thunderspy.io/ #hardware #exploitation #dukeBarman
VMI Kernel Fuzzer for Xen Project: VM forking, VMI & AFL integration demo https://github.com/intel/kernel-fuzzer-for-xen-project #fuzzing #dukeBarman
GitHub
GitHub - intel/kernel-fuzzer-for-xen-project: Kernel Fuzzer for Xen Project (KF/x) - Hypervisor-based fuzzing using Xen VM forking…
Kernel Fuzzer for Xen Project (KF/x) - Hypervisor-based fuzzing using Xen VM forking, VMI & AFL - intel/kernel-fuzzer-for-xen-project
Side-Channel Attack Turns Power Supply Into Speakers https://hackaday.com/2020/05/11/side-channel-attack-turns-power-supply-into-speakers/ #hardware #exploitation #dukeBarman
Hackaday
Side-Channel Attack Turns Power Supply Into Speakers
If you work in a secure facility, the chances are pretty good that any computer there is going to be stripped to the minimum complement of peripherals. After all, the fewer parts that a computer ha…
A simple library focusing on demangling symbols for different programming languages https://github.com/radareorg/ldmg #reverse #dukeBarman
GitHub
GitHub - radareorg/libdemangle: A simple library focusing on demangling symbols for different programming languages
A simple library focusing on demangling symbols for different programming languages - radareorg/libdemangle
An Xdbg (x64dbg) Plugin of the ERC Library (mona.py alternative?) https://github.com/Andy53/ERC.Xdbg
Other good plugins: https://github.com/x64dbg/x64dbg/wiki/Plugins
#debugger #exploitation #dukeBarman
GitHub
GitHub - Andy53/ERC.Xdbg: An Xdbg Plugin of the ERC Library.
An Xdbg Plugin of the ERC Library. Contribute to Andy53/ERC.Xdbg development by creating an account on GitHub.
Kernel Debugging macOS with SIP https://www.offensive-security.com/offsec/kernel-debugging-macos-with-sip #debugger #macos #dukeBarman
Reversing Stories: Updating the Undocumented ESTROBJ and STROBJ Structures for Windows 10 x64 https://versprite.com/blog/security-research/reverse-engineering-undocumented-structures/ #reverse #ida #dukeBarman
VerSprite, Threat Modeling and Pentesting Services
Reverse Engineering Undocumented Structures for Windows 10
Learn how to update undocumented structures for Windows 10 x64 and HexRays Decompiler using ESTROBJ and STROBJ. | Reverse Engineering
IDAPython script that modifies the decompiler's output (Python3) https://twitter.com/i/status/1143599379510697984 Download: https://gist.github.com/patois/05b9dd5b8ac2633c4e62991c76709b03 #reverse #IDA #dukeBarman