r0 Crew (Channel)
@R0_Crew
8.83K subscribers
35 photos
1 video
9 files
1.98K links
Security Related Links:
- Reverse Engineering;
- Malware Research;
- Exploit Development;
- Pentest;
- etc;

Join to chat: @r0crew_bot πŸ‘ˆ

Forum: https://forum.reverse4you.org
Twitter: https://twitter.com/R0_Crew
Download Telegram
About
Blog
Apps
Platform
Join
r0 Crew (Channel)
8.83K subscribers
r0 Crew (Channel)
Giving Hackers a Headache with Exploit Mitigations - Maria Markstedter, Azeria Labs

Video: https://www.youtube.com/watch?v=riQ-WyYrxh4
Slides: https://azeria-labs.com/downloads/Keynote_ArmResearchSummit2020_Azeria.pdf

#reverse #hardware #exploitation #dukeBarman
4.76K views
πŸ‘ 8❀️ 5
r0 Crew (Channel)
https://twitter.com/9wayhandshake/status/1312462465045725184?s=19

#reverse #cutter #plugin #jeisonwi
X (formerly Twitter)
ninewayhandshake (@9wayhandshake) on X
Just released capa-explorer plugin for #Cutter @r2gui. Its more or less a port of the official IDA plugin and enables you to navigate capa results in Cutter in a similar way.
Its available here https://t.co/eFL57V9Pcf
4.12K views
πŸ‘ 9❀️ 4
r0 Crew (Channel)
Speakeasy is a portable, modular, binary emulator designed to emulate Windows kernel and user mode malware

Code: https://github.com/fireeye/speakeasy
Article: https://www.fireeye.com/blog/threat-research/2020/08/emulation-of-malicious-shellcode-with-speakeasy.html

#reverse #malware #dukeBarman
GitHub
GitHub - mandiant/speakeasy: Windows kernel and user mode emulation.
Windows kernel and user mode emulation. Contribute to mandiant/speakeasy development by creating an account on GitHub.
3.58K views
πŸ‘ 13❀️ 2
r0 Crew (Channel)
IDA AArch64 processor extender extension: Adding support for ARMv8.5 memory tagging extension opcodes https://github.com/Antid0teCom/aarch64_mte #ida #reverse #ios #arm #dukeBarman
GitHub
GitHub - Antid0teCom/aarch64_mte: IDA AArch64 processor extender extension: Adding support for ARMv8.5 memory tagging extension…
IDA AArch64 processor extender extension: Adding support for ARMv8.5 memory tagging extension opcodes - Antid0teCom/aarch64_mte
3.81K views
πŸ‘ 2❀️ 0
r0 Crew (Channel)
Binary Ninja developers open sourced two of their core architectures: armv7 and aarch64

Code: https://github.com/Vector35/arch-armv7 and https://github.com/Vector35/arch-arm64
Article: https://binary.ninja/2020/10/07/open-source-architectures.html

#reverse #arm #binaryninja #dukeBarman
GitHub
GitHub - Vector35/arch-armv7: ARMv7 architecture plugin
ARMv7 architecture plugin. Contribute to Vector35/arch-armv7 development by creating an account on GitHub.
6.48K views
πŸ‘ 8❀️ 9
r0 Crew (Channel)
Python-idb now 0.7.1 now supports IDA Pro 5.x-7.5 databases versions and has better API support, no IDA Pro itself required https://pypi.org/project/python-idb/

#reverse #ida #jeisonwi
4.71K views
πŸ‘ 10❀️ 3
r0 Crew (Channel)
KaitaiStruct, a cross-language binary format parser API generator, released a new major version 0.9! C++11 support, data validations, little-endian integers, 3 new targets, ... http://kaitai.io/news/2020/10/16/kaitai-struct-v0.9-released.html #reverse #dukeBarman
kaitai.io
Kaitai Struct: declarative binary format parsing language
Kaitai Struct is a formal language for binary format specification that can be compiled into parser code
3.42K views
πŸ‘ 12❀️ 0
r0 Crew (Channel)
Hex-Rays MicroCode Explorer https://github.com/gdbinit/MicrocodeExplorer #reverse #ida #dukeBarman
GitHub
GitHub - gdbinit/MicrocodeExplorer: Hex-Rays MicrocodeExplorer
Hex-Rays MicrocodeExplorer. Contribute to gdbinit/MicrocodeExplorer development by creating an account on GitHub.
3.59K views
πŸ‘ 6❀️ 0
r0 Crew (Channel)
ESILSolve - A python symbolic execution framework using r2 and ESIL https://github.com/aemmitt-ns/esilsolve (now support symbolically execution PCODE) #reverse #radare2 #ghidra #dukeBarman
GitHub
GitHub - radareorg/esilsolve: A python symbolic execution framework using radare2's ESIL (Evaluable String Intermediate Language)
A python symbolic execution framework using radare2's ESIL (Evaluable String Intermediate Language) - radareorg/esilsolve
3.54K views
πŸ‘ 4❀️ 1
r0 Crew (Channel)
Introducing MIDNIGHTTRAIN - A Covert Stage-3 Persistence Framework weaponizing UEFI variables https://slaeryan.github.io/posts/midnighttrain.html #reverse #uefi #dukeBarman
3.65K views
πŸ‘ 8❀️ 5
r0 Crew (Channel)
Resurrected IDA plugin for UEFI RE - ida-efitools "v2.0" is now LIVE https://github.com/p-state/ida-efitools2 #reverse #uefi #ida #dukeBarman
GitHub
GitHub - p-state/ida-efitools2: IDA plugin for extending UEFI reverse engineering capabilities
IDA plugin for extending UEFI reverse engineering capabilities - p-state/ida-efitools2
3.74K views
πŸ‘ 5❀️ 5
r0 Crew (Channel)
Binary Ninja loader for 64 bits SEPROMs https://github.com/matteyeux/seprom-loader #reverse #ios #binaryninja #dukeBarman
GitHub
GitHub - matteyeux/seprom-loader: Binary Ninja loader for 64 bits Apple SEPROMs
Binary Ninja loader for 64 bits Apple SEPROMs. Contribute to matteyeux/seprom-loader development by creating an account on GitHub.
3.83K views
πŸ‘ 2❀️ 0
r0 Crew (Channel)
Let’s build a high-performance fuzzer with GPUs! https://blog.trailofbits.com/2020/10/22/lets-build-a-high-performance-fuzzer-with-gpus/ #fuzzing #dukeBarman
The Trail of Bits Blog
Let’s build a high-performance fuzzer with GPUs!
TL;DR: Can we use GPUs to get 10x performance/dollar when fuzzing embedded software in the cloud? Based on our preliminary work, we think the answer is yes! Fuzzing is a software testing technique that supplies programs with many randomized inputs in an attempt…
4.1K views
πŸ‘ 8❀️ 3
r0 Crew (Channel)
A curated list of Android Security materials and resources For Pentesters and Bug Hunters

https://github.com/saeidshirazi/awesome-android-security

#reverse #pentest #mobile #Und3rCover
GitHub
GitHub - saeidshirazi/awesome-android-security: A curated list of Android Security materials and resources For Pentesters and Bug…
A curated list of Android Security materials and resources For Pentesters and Bug Hunters - saeidshirazi/awesome-android-security
4.22K views
πŸ‘ 7❀️ 11
r0 Crew (Channel)
Don't Ruck Us Again - The Exploit Returns

https://alephsecurity.com/2020/10/14/ruckus-wireless-2/

#exploitation #hardware #jeisonwi
Alephsecurity
Don't Ruck Us Again - The Exploit Returns
4.26K views
πŸ‘ 0❀️ 1
r0 Crew (Channel)
gdb v10.1 was released!

Details: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=blob_plain;f=gdb/NEWS;hb=gdb-10.1-release
Download: ftp://ftp.gnu.org/gnu/gdb

#reverse #debugger #dukeBarman
4.48K views
πŸ‘ 12❀️ 3
r0 Crew (Channel)
IDA Pro 7.5 SP3 released https://www.hex-rays.com/products/ida/news/7_5sp3/ #reverse #ida #dukeBarman
6.55K views
πŸ‘ 16❀️ 3
r0 Crew (Channel)
CHIPSEC 1.5.6 has been released! https://github.com/chipsec/chipsec/releases/tag/1.5.6 #reverse #uefi #dukeBarman
GitHub
Release Chipsec v1.5.6 Β· chipsec/chipsec
New or Updated Modules/UtilCmds:

common.secureboot.variables - Changed verbiage around "Blacklist" and "Whitelist" to use neutral terms
tools.smm.smm_ptr - Fixed python3 str/by...
4.08K views
πŸ‘ 0❀️ 3
r0 Crew (Channel)
Quick Unpack 20.10 (Source Code x86/x64)

https://forum.reverse4you.org/t/quick-unpack-20-10-source-code-x86-x64/12018

#reverse #tools #unpacker #darw1n
R0 CREW
Quick Unpack 20.10 (Source Code x86/x64)
Author: Archer Last Update: 2020.10.02 Source: QuickUnpackSrc.7z (593.7 KB)
4.89K views
πŸ‘ 6❀️ 4
r0 Crew (Channel)
Easily examine and understand any Windows system's hardware and software capability to prevent Meltdown and Spectre attacks.

https://www.grc.com/inspectre.htm

#tools #darw1n
Grc
GRC | InSpectre  
InSpectre - Inspect Windows Meltdown and Spectre Vulnerability
5.71K views
πŸ‘ 1❀️ 5