Espressif ESP32: Bypassing Encrypted Secure Boot (CVE-2020-13629) https://raelize.com/posts/espressif-esp32-bypassing-encrypted-secure-boot-cve-2020-13629/ #exploitation #hardware #dukeBarman
efiXplorer v2.0 [Hex-Rays Contest Edition] https://github.com/binarly-io/efiXplorer/releases/tag/v2.0 #ida #hardware #uefi #dukeBarman
Release efiXplorer v2.0 [Hex-Rays Contest Edition] · binarly-io/efiXplorer
[new feature] UEFI image loader (loading the whole image to IDA Pro)
Support of analyzing 32-bit images
Support of analyzing SMM images
[new feature] PEI images analyzer
Multiple improvements and f...
Time Travel Debugging - JavaScript Automation https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/time-travel-debugging-javascript-automation #reverse #debugger #windbg #dukeBarman
Time Travel Debugging - JavaScript Automation - Windows drivers
This section describes how to use JavaScript automation to work with TTD traces.
An emulator powered by Qiling to deobfuscate/decrypt VAC3 modules https://github.com/ioncodes/vacation3-emu #reverse #dukeBarman
GitHub - ioncodes/vacation3-emu: VAC3 (Valve Anti-Cheat 3) module emulator
VAC3 (Valve Anti-Cheat 3) module emulator.
Step-through debugging with no debugger on Cortex-M https://interrupt.memfault.com/blog/cortex-m-debug-monitor #hardware #debugger #dukeBarman
Step-through debugging with no debugger on Cortex-M
An exploration of how to debug running devices by taking advantage of debug monitor mode on ARM Cortex-M MCUs
APIMiner - The API Logger for Malwares - The Fast Way To Identifying Malwares http://www.malware-analysis-and-detection-engineering.com/2020/09/apiminer-api-logger-for-malwares-fast.html #reverse #malware #dukeBarman
APIMiner - The API Logger for Malwares - The Fast Way To Identifying Malwares
Direct Download Link for Latest Release of APIMiner: https://github.com/poona/APIMiner/releases/download/1.0.0/release-v1.0.0.zip One of...
Giving Hackers a Headache with Exploit Mitigations - Maria Markstedter, Azeria Labs
Video: https://www.youtube.com/watch?v=riQ-WyYrxh4
Slides: https://azeria-labs.com/downloads/Keynote_ArmResearchSummit2020_Azeria.pdf
#reverse #hardware #exploitation #dukeBarman
Speakeasy is a portable, modular, binary emulator designed to emulate Windows kernel and user mode malware
Code: https://github.com/fireeye/speakeasy
Article: https://www.fireeye.com/blog/threat-research/2020/08/emulation-of-malicious-shellcode-with-speakeasy.html
#reverse #malware #dukeBarman
GitHub - mandiant/speakeasy: Windows kernel and user mode emulation.
Windows kernel and user mode emulation.
IDA AArch64 processor extender extension: Adding support for ARMv8.5 memory tagging extension opcodes https://github.com/Antid0teCom/aarch64_mte #ida #reverse #ios #arm #dukeBarman
GitHub - Antid0teCom/aarch64_mte: IDA AArch64 processor extender extension: Adding support for ARMv8.5 memory tagging extension…
IDA AArch64 processor extender extension: Adding support for ARMv8.5 memory tagging extension opcodes - Antid0teCom/aarch64_mte
Binary Ninja developers open sourced two of their core architectures: armv7 and aarch64
Code: https://github.com/Vector35/arch-armv7 and https://github.com/Vector35/arch-arm64
Article: https://binary.ninja/2020/10/07/open-source-architectures.html
#reverse #arm #binaryninja #dukeBarman
GitHub - Vector35/arch-armv7: ARMv7 architecture plugin
ARMv7 architecture plugin.
Python-idb 0.7.1 now supports IDA Pro 5.x-7.5 database versions and has better API support; no IDA Pro itself is required https://pypi.org/project/python-idb/
#reverse #ida #jeisonwi
KaitaiStruct, a cross-language binary format parser API generator, released a new major version 0.9! C++11 support, data validations, little-endian integers, 3 new targets, ... http://kaitai.io/news/2020/10/16/kaitai-struct-v0.9-released.html #reverse #dukeBarman
Kaitai Struct: declarative binary format parsing language
Kaitai Struct is a formal language for binary format specification that can be compiled into parser code
ESILSolve - A python symbolic execution framework using r2 and ESIL https://github.com/aemmitt-ns/esilsolve (now supports symbolic execution of PCODE) #reverse #radare2 #ghidra #dukeBarman
GitHub - radareorg/esilsolve: A python symbolic execution framework using radare2's ESIL (Evaluable String Intermediate Language)
A python symbolic execution framework using radare2's ESIL (Evaluable String Intermediate Language) - radareorg/esilsolve
Introducing MIDNIGHTTRAIN - A Covert Stage-3 Persistence Framework weaponizing UEFI variables https://slaeryan.github.io/posts/midnighttrain.html #reverse #uefi #dukeBarman
Resurrected IDA plugin for UEFI RE - ida-efitools "v2.0" is now LIVE https://github.com/p-state/ida-efitools2 #reverse #uefi #ida #dukeBarman
GitHub - p-state/ida-efitools2: IDA plugin for extending UEFI reverse engineering capabilities
IDA plugin for extending UEFI reverse engineering capabilities - p-state/ida-efitools2
Binary Ninja loader for 64-bit SEPROMs https://github.com/matteyeux/seprom-loader #reverse #ios #binaryninja #dukeBarman
GitHub - matteyeux/seprom-loader: Binary Ninja loader for 64 bits Apple SEPROMs
Binary Ninja loader for 64-bit Apple SEPROMs.
Let's build a high-performance fuzzer with GPUs! https://blog.trailofbits.com/2020/10/22/lets-build-a-high-performance-fuzzer-with-gpus/ #fuzzing #dukeBarman
Let's build a high-performance fuzzer with GPUs!
TL;DR: Can we use GPUs to get 10x performance/dollar when fuzzing embedded software in the cloud? Based on our preliminary work, we think the answer is yes! Fuzzing is a software testing technique that supplies programs with many randomized inputs in an attempt…
A curated list of Android Security materials and resources For Pentesters and Bug Hunters
https://github.com/saeidshirazi/awesome-android-security
#reverse #pentest #mobile #Und3rCover
GitHub - saeidshirazi/awesome-android-security: A curated list of Android Security materials and resources For Pentesters and Bug…
A curated list of Android Security materials and resources For Pentesters and Bug Hunters - saeidshirazi/awesome-android-security