WINNIE: Fuzzing Windows Applications with Harness Synthesis and Fast Cloning
Georgia Tech researchers released the source code of their WinAFL fork that uses a fork server through undocumented Windows APIs. They also include an intelligent harness generation tool with it. This results in a speedup of 26.6x, supporting 2.2x more binaries than WinAFL, and harnesses which require only a few LoC of change.
Paper: https://www.ndss-symposium.org/wp-content/uploads/ndss2021_6A-3_24334_paper.pdf
Video: https://www.youtube.com/watch?v=h7P65RJXd3c&list=PLfUWWM-POgQtbX-IfBwWlu-hQt2_f7vVK&index=4
Repo: https://github.com/sslab-gatech/winnie
#fuzzing #windows #gdynamics
Security probe of Qualcomm MSM data services https://research.checkpoint.com/2021/security-probe-of-qualcomm-msm/ #exploitation #android #hardware #dukeBarman
Information From Thin Air: Using SDR to Extract DTMF from Radio Waves https://www.blackhillsinfosec.com/information-from-thin-air-using-sdr-to-extract-dtmf-from-radio-waves/ #hardware #dukeBarman
IDA-minsc is a plugin for IDA Pro that simplifies IDAPython https://github.com/arizvisa/ida-minsc #reverse #IDA #dukeBarman
Database of private SSL/SSH keys for embedded devices https://github.com/devttys0/littleblackbox #reverse #hardware #dukeBarman
FIN7: Lizar toolkit architecture
https://bi-zone.medium.com/from-pentest-to-apt-attack-cybercriminal-group-fin7-disguises-its-malware-as-an-ethical-hackers-c23c9a75e319
#malware #analysis #darw1n
Experiment to attempt to build Apple's dyld tools. https://github.com/oleavr/dyld-tools #iOS #macOS #reverse #dukeBarman
A Universal MCU Firmware Emulator for Dynamic Analysis without Any Hardware Dependence https://github.com/MCUSec/uEmu #reverse #hardware #dukeBarman
Today marks IDA's 30 years around the sun! Join us in celebrating this birthday, and expect many more to come: https://hex-rays.com/blog/ida-celebrating-30-years-of-binary-analysis-innovation/
#idapro #30thanniversary #reverse #ida #KosBeg
VMProtect 2 - Detailed Analysis of the Virtual Machine Architecture
https://back.engineering/17/05/2021/
#reverse #vm #debug #vmprotect #antidebug #analysis #KosBeg
iOS 14.5 WebKit/Safari based Jailbreak Made by RPwnage & the Manticore team
https://github.com/RPwnage/pwn-my
#reverse #expdev #ios #mobile #jailbreak #heckysome
How we bypassed bytenode and decompiled Node.js bytecode in Ghidra
https://swarm.ptsecurity.com/how-we-bypassed-bytenode-and-decompiled-node-js-bytecode-in-ghidra/
#reverse #ghidra #nodejs #decompiler #plugin #darw1n