Extract annotations from Ghidra into an X32/X64 dbg database https://github.com/revolver-ocelot-saa/GhidraX64Dbg #reverse #ghidra #dukeBarman
TaintInduce is a project which aims to automate the creation of taint propagation rules for unknown instruction sets. https://taintinduce.github.io/ #reverse #taint #dukeBarman
Attacking Hexagon: Security Analysis of Qualcomm's aDSP (RECON MONTREAL 2019) https://census-labs.com/news/2019/08/26/attacking-hexagon-security-analysis-of-qualcomms-adsp-recon-montreal-2019/ #reverse #dukeBarman
Attending Recon 2019 was an amazing experience with many interesting talks. I would like to thank the organizers for the excellent event and I definitely hope to return next year.
https://googleprojectzero.blogspot.com/2019/08/a-very-deep-dive-into-ios-exploit.html #ios #jeisonwi
A very deep dive into iOS Exploit chains found in the wild
Posted by Ian Beer, Project Zero Project Zero’s mission is to make 0-day hard. We often work with other companies to find and report se...
Binary symbolic execution with KLEE-Native https://blog.trailofbits.com/2019/08/30/binary-symbolic-execution-with-klee-native/ #reverse #dukeBarman
KLEE-Native, a fork of KLEE that operates on binary program snapshots by lifting machine code to LLVM bitcode.
Zero To RCE In Two Days - Exploiting Zoom on macOS https://gsec.hitb.org/materials/sg2019/D1%20COMMSEC%20-%20Zero%20to%20RCE%20in%20Two%20Days%20-%20Exploiting%20Zoom%20On%20macOS%20-%20Michael%20Gianarakis%20&%20Sean%20Yeoh.pdf #macos #dukeBarman
Reverse Taint Analysis Using Binary Ninja
https://blog.trailofbits.com/2019/08/29/reverse-taint-analysis-using-binary-ninja/ #reverse #dukeBarman
We open-sourced a set of static analysis tools, KRFAnalysis, that analyze and triage output from our system call (syscall) fault injection tool KRF. Now you can easily figure out where and why KRF crashes your programs. During my summer internship at Trail…
ROP On x64: What's ret2csu Again? https://bananamafia.dev/post/x64-rop-redpwn/ #radare2 #CTF #exploit #dukeBarman
Automated ROP Chain Integrity https://bannedit.github.io/Automated-ROP-Chain-Integrity.html#Automated-ROP-Chain-Integrity #exploit #dukeBarman
In software engineering unit testing has become the norm. In the world of exploit development, testing and automation is lacking. This blog post will introduce a technique for automated testing of Return Oriented Programming (ROP) chain integrity. Admittedly…
lpe is a collection of verified Linux kernel exploits https://github.com/jollheef/lpe #exploit #dukeBarman
BinDiff wrapper script for multiple binary diffing https://github.com/TakahiroHaruyama/ida_haru/tree/master/bindiff #reverse #dukeBarman
IDA loader for Apple 64 bits SecureROM, based on _argp's iBoot64helper https://github.com/matteyeux/srom64helper #ida #reverse #dukeBarman
Use https://github.com/argp/iBoot64helper, which is the original repo and far more advanced.
DynamoRIO plugin to get ASAN and SanitizerCoverage compatible output for closed-source executables https://github.com/googleprojectzero/DrSancov #fuzzing #dukeBarman
[GSoC] Ghidra firmware utilities, wrap-up https://blogs.coreboot.org/blog/2019/08/22/gsoc-ghidra-firmware-utilities-wrap-up/ #ghidra #hardware #reverse #dukeBarman
Hi everyone. The official programming period for GSoC 2019 is now over, and it's time for final evaluations. I will use this post to summarize what I've worked on this summer, as well as how to use the Ghidra plugin. The project is available on GitHub:
Patching system improvement plugin for IDA https://github.com/scottmudge/DebugAutoPatch #reverse #ida #dukeBarman
Heap exploit development - case study from an in-the-wild iOS 0-day https://azeria-labs.com/heap-exploit-development-part-1/ #exploit #ios #dukeBarman