Easy way for analyzing the GootKit banking malware with radare2 http://reversingminds-blog.logdown.com/posts/7369479where #radare2 #malware #dukeBarman
Logdown
Easy way for analyzing the GootKit banking malware with radare2 « reversingminds's Blog
Tested sample md5: ae3ef3d2b5e953242d963efc2c635bd9
Gootkit is a banking malware that I started ...
https://github.com/andreafioraldi/r2angrdbg/blob/master/examples/ais3_crackme/ais3_crackme.py #radare2 #angr #crackme
GitHub
r2angrdbg/ais3_crackme.py at master · andreafioraldi/r2angrdbg
Use angr inside the radare2 debugger. Create an angr state from the current debugger state. - r2angrdbg/ais3_crackme.py at master · andreafioraldi/r2angrdbg
https://blog.k3170makan.com/2018/09/introduction-to-elf-format-elf-header.html
https://blog.k3170makan.com/2018/09/introduction-to-elf-format-part-ii.html
https://blog.k3170makan.com/2018/09/introduction-to-elf-file-format-part.html
#reverse #linux #OKOB
K3170Makan
Introduction to the ELF Format : The ELF Header (Part I)
Hacking,Information Security,Penetration Testing,Google Hacking,Google Dorking,Keith Makan,Black Hat,Security Research,InfoSec,Web Site Security
Better Web-Pentesting in Windows with AHK https://www.acunetix.com/blog/web-security-zone/better-web-pentesting-in-windows-with-ahk/ #pentest #dukeBarman
Acunetix
Better web-pentesting in Windows with AHK | Acunetix
Article that looks at the use of AHK as a tool for pentesters. Windows is not a very popular OS for pentesters due to many reasons. Sometimes however we need to use it (at least on a virtual machine). This article shows examples on the use of hot keys to…
A Unicorn based emulator to deobfuscate Equation Group string XOR obfuscation https://github.com/gdbinit/unicorn_string_deobfuscator #malware #dukeBarman
GitHub
GitHub - gdbinit/unicorn_string_deobfuscator: A Unicorn based emulator to deobfuscate Equation Group string XOR obfuscation
A Unicorn based emulator to deobfuscate Equation Group string XOR obfuscation - gdbinit/unicorn_string_deobfuscator
https://david942j.blogspot.com/2018/10/note-learning-kvm-implement-your-own.html?m=1 #linux #jeisonwi
Blogspot
[Note] Learning KVM - implement your own kernel
A few weeks ago I solved a great KVM escaping challenge from TWCTF hosted by @TokyoWesterns. I have given a writeup on my blog: [Write-up] T...
https://googleprojectzero.blogspot.com/2018/10/365-days-later-finding-and-exploiting.html #exploit #dukeBarman
Blogspot
365 Days Later: Finding and Exploiting Safari Bugs using Publicly Available Tools
Posted by Ivan Fratric, Google Project Zero. Around a year ago, we published the results of research about the resilience of modern bro...
Nikolaj Bjørner - Programming Z3
http://theory.stanford.edu/~nikolaj/programmingz3.html #z3 #smt #KosBeg
Cutter v1.7.2 has been released!
https://github.com/radareorg/cutter/releases #cutter #radare2 #reverse #KosBeg
If you want to participate in #Hacktoberfest, welcome to https://hacktoberfest.digitalocean.com. For example you can choose tasks here https://github.com/radare/radare2/issues?utf8=%E2%9C%93&q=is%3Aopen+is%3Aissue+label%3AHacktoberfest #opensource
GitHub
radareorg/radare2
unix-like reverse engineering framework and commandline tools - radareorg/radare2
First #r2con2018 talk recording published! “Introducing r2 for humans” https://www.youtube.com/watch?v=ARH1S8ygDnk #r2con #radare2 #conference #dukeBarman
YouTube
r2con2018 - Introducing r2 for humans - Arnau Gàmez
This talk is aimed to introduce the newcomers to radare2 to its basic capabilities and usage in an easy and accessible way, as well as presenting some myths about the tool (trying to demystify them) and also pointing to resources to learn more and get support.…