How to reverse malware on macOS:
Part 1: https://www.sentinelone.com/blog/how-to-reverse-macos-malware-part-one/
Part 2: https://www.sentinelone.com/blog/how-to-reverse-macos-malware-part-two/
Part 3: https://www.sentinelone.com/blog/how-to-reverse-malware-on-macos-without-getting-infected-part-3/
#malware #macos #newbie #reverse #dukeBarman
SentinelOne
How to Reverse Malware on macOS Without Getting Infected | Part 1
Ever wanted to learn how to reverse malware on Apple macOS? This is the place to start! Join us in this 3-part series on macOS reverse engineering skills.
Android App Reverse Engineering 101 https://maddiestone.github.io/AndroidAppRE/ #android #reverse #newbie #dukeBarman
For students who want to spend the summer of 2019 in an interesting and educational way and grow in the field of information security, Digital Security is once again opening enrollment for "Summ3r 0f h4ck" in Saint Petersburg https://habr.com/ru/company/dsec/blog/450036/ #traineeship #dukeBarman
Habr
Summ3r 0f h4ck: Digital Security internship 2019
Digital Security, one of the largest information security consulting companies, invites you to the "Summ3r 0f h4ck" summer internship program in Saint Petersburg. Summ3r 0f h4ck will run from 15 July to 15 August...
A Python implementation of IDA FindCrypt/FindCrypt2 plugin https://github.com/you0708/ida/tree/master/idapython_tools/findcrypt #ida #reverse #dukeBarman
Hello everyone! Finally, our forum has moved to a new engine. The forum has two main languages for communication: English and Russian. But English has priority now.
https://www.reverse4you.org
Slides from #ghidra workshop INFILTRATE 2019 https://github.com/0xAlexei/INFILTRATE2019/blob/master/INFILTRATE%20Ghidra%20Slides.pdf #reverse #dukeBarman
How To Do Firmware Analysis. Tools, Tips, and Tricks https://www.pentestpartners.com/security-blog/how-to-do-firmware-analysis-tools-tips-and-tricks/ #hardware #reverse #dukeBarman
Pen Test Partners
How To Do Firmware Analysis. Tools, Tips, and Tricks | Pen Test Partners
So, you’ve got a firmware dump. Perhaps a raw read off a chip? An update file you downloaded off the internet? Now what? Taking a firmware dump and turning it into something useful can sometimes be painful. Sometimes you’ll be faced with proprietary (barely…
SAFE (Self Attentive Function Embedding) - computes binary function embeddings to determine whether two functions are similar. Based on radare2. github: https://github.com/gadiluna/SAFE Article: https://medium.com/@massarelli/safe-self-attentive-function-embedding-d80abbfea794 #reverse #radare2 #dukeBarman
Working With Ghidra P-Code To Identify Vulnerable Function Calls https://www.riverloopsecurity.com/blog/2019/05/pcode/ #ghidra #dukeBarman
A set of Linux binary exploitation tasks for beginners https://github.com/xairy/easy-linux-pwn #exploit #dukeBarman
Overcoming fear: reversing with radare2 https://conference.hitb.org/hitbsecconf2019ams/materials/D1T3%20-%20Reversing%20with%20Radare2%20-%20Arnau%20Gamez%20Montolio.pdf #radare2 #reverse #dukeBarman
ANBU - Automatic New Binary Unpacker with PIN DBI Framework https://github.com/Fare9/ANBU #reverse #pin #dukeBarman
GDB 8.3 Debugger Brings RISC-V, Terminal Styling, C++ Injection, IPv6 Connections https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=blob_plain;f=gdb/NEWS;hb=gdb-8.3-release #debugger #dukeBarman
New class of speculative execution vulnerability: MDS (Microarchitectural Data Sampling) is a hardware vulnerability that allows unprivileged speculative access to data held in various CPU-internal buffers.
RIDL and Fallout: MDS attacks
"Intro": https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html
Official site: https://mdsattacks.com/
Patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
#hardware #exploit #dukeBarman
Plugin for Ghidra to assist reversing Golang binaries https://github.com/felberj/gotools #reverse #ghidra #dukeBarman
Forwarded from OFFZONE
Speculative execution vulnerabilities in modern processors came out of the blue, but it seems the worst is already behind us🙂
Although Spectre-type attacks will stay with us forever, various measures have been deployed to protect us from Intel CPU vulnerabilities such as Meltdown and Foreshadow. In turn, browser developers have implemented process isolation, and Intel even has silicon fixes in its latest CPUs.
Do you feel safe? 😈
Sebastian Österlund and Stephan van Schaik, members of the VUSec research group, will give an in-depth talk on the new Intel vulnerabilities at OFFZONE 2019.
#ridl #mds
More details: https://offzone.moscow/ru/news/sebastian-sterlund-and-stephan-van-schaik-will-give-an-in-depth-talk-on-the-intel-s-new-vulnerabilit/