The C/C++ code analysis platform Joern has been resurrected!
https://medium.com/@fabs_60995/joern-reborn-f04e74399b2b
https://github.com/ShiftLeftSecurity/joern/releases #darw1n
Joern Reborn (Medium): "In a blog post back in May 2018, we outlined our plans for saving the open-source C/C++ code analyzer “Joern”. Today, we are happy to…"
A binary-to-LLVM IR lifter that leverages Ghidra's IR and analysis
https://github.com/toor-de-force/Ghidra-to-LLVM
#re #llvm #ghidra #darw1n
An NTFS bug in MFT parsing: plug in a USB key and get a BSOD (probably not exploitable as plug-and-pwn). Microsoft: WONTFIX.
https://exatrack.com/public/vuln_NTFS_EN.pdf
#re #bsod #expdev #darw1n
Advancing Windows Security (PSEC 2019) https://www.platformsecuritysummit.com/2019/speaker/weston/ #windows #PSEC #videos #dukeBarman
The Evolution of Advanced Threats: REsearchers Arms Race https://www.platformsecuritysummit.com/2019/speaker/matrosov/ #hardware #PSEC #videos #dukeBarman
r2pipe script to auto-rename functions by recovering their original names from assert statements https://gist.github.com/radare/04612d3804fa72c0cc832d06208cadaf (assnam.py) #reverse #radare2 #dukeBarman
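The idea behind that script, as an added example that is not radare's gist: glibc's __assert_fail(expr, file, line, function) receives the enclosing function's name as its fourth argument (macOS's __assert_rtn passes it first), so every assert call site leaks the name of the function it sits in. The disassembly below is constructed in radare2 `pdf` layout (asm.bytes=false, no colour); the register table, the auto-name prefixes and the r2pipe glue under `__main__` are assumptions of this example.

```python
import re

# Which argument register carries the enclosing function's name at each assert
# callee (x86-64 SysV calling convention; an assumption of this example).
ASSERT_CALLEES = {
    "sym.imp.__assert_fail": "rcx",  # glibc: (assertion, file, line, function)
    "sym.imp.__assert_rtn": "rdi",   # macOS libc: (function, file, line, expression)
}
AUTO_NAME = re.compile(r"^(fcn|sub|loc)\.")          # names radare2 invented itself
LOAD_INSN = re.compile(r"0x[0-9a-f]+\s+(?:lea|mov)\s+(\w+),")
CALL_INSN = re.compile(r"0x[0-9a-f]+\s+call\s+(\S+)")
STRING_COMMENT = re.compile(r';\s*"([^"]*)"')        # radare2 prints the literal as a comment
IDENT = re.compile(r"^[A-Za-z_]\w*$")


def name_from_disasm(disasm):
    """Return the function name carried into the first assert call site, or None."""
    last_str = {}  # register -> last string literal loaded into it
    for line in disasm.splitlines():
        m = CALL_INSN.search(line)
        if m:
            reg = ASSERT_CALLEES.get(m.group(1))
            cand = last_str.get(reg) if reg else None
            if cand and IDENT.match(cand):
                return cand
            last_str.clear()  # any call clobbers the argument registers
            continue
        m = LOAD_INSN.search(line)
        if m:
            s = STRING_COMMENT.search(line)
            if s:
                last_str[m.group(1)] = s.group(1)
            else:
                last_str.pop(m.group(1), None)  # register now holds something else
    return None


def rename_plan(functions):
    """Map auto-named functions to the names recovered from their assert strings.

    `functions` is {current_name: disassembly}. Names already present in the
    binary, or recovered twice, are left alone so the plan never creates clashes.
    """
    plan, taken = {}, set(functions)
    for old, disasm in functions.items():
        if not AUTO_NAME.match(old):
            continue
        new = name_from_disasm(disasm)
        if new and new not in taken:
            plan[old] = new
            taken.add(new)
    return plan


# Constructed sample in `pdf` layout (e asm.bytes=false, e scr.color=false).
SAMPLE = {
    "fcn.00401130": """\
│           0x00401130      push rbp
│           0x00401131      mov rbp, rsp
│           0x00401134      test edi, edi
│       ┌─< 0x00401136      jg 0x401158
│       │   0x00401138      lea rcx, str.parse_header    ; 0x402000 ; "parse_header"
│       │   0x0040113f      mov edx, 0x2a
│       │   0x00401144      lea rsi, str.parser.c        ; 0x40200d ; "parser.c"
│       │   0x0040114b      lea rdi, str.hdr_len___0     ; 0x402016 ; "hdr_len > 0"
│       │   0x00401152      call sym.imp.__assert_fail
│       └─> 0x00401158      pop rbp
└           0x00401159      ret
""",
    # The name string is loaded, but strlen() runs before the assert, so rcx
    # can no longer be trusted: no rename.
    "fcn.00401160": """\
│           0x00401160      lea rcx, str.free_buffer     ; 0x402022 ; "free_buffer"
│           0x00401167      lea rdi, str.buf             ; 0x40202e ; "buf"
│           0x0040116e      call sym.imp.strlen
│           0x00401173      call sym.imp.__assert_fail
""",
    # Already carries a real symbol name; left alone.
    "main": """\
│           0x00401180      lea rcx, str.main            ; 0x402032 ; "main"
│           0x00401187      call sym.imp.__assert_fail
""",
}

if __name__ == "__main__":
    import sys
    print(rename_plan(SAMPLE))  # {'fcn.00401130': 'parse_header'}
    if len(sys.argv) > 1:       # real run: python assert_names.py ./binary
        import r2pipe           # assumption: r2pipe installed next to radare2
        r2 = r2pipe.open(sys.argv[1])
        r2.cmd("aaa; e scr.color=false; e asm.bytes=false")
        fcns = {f["name"]: r2.cmd(f"pdf @ {f['offset']}") for f in r2.cmdj("aflj")}
        for old, new in rename_plan(fcns).items():
            r2.cmd(f"afn {new} @ {old}")
            print(f"{old} -> {new}")
```

The clobber rule matters more than it looks: compilers routinely hoist the assert's string loads above an unrelated call, and without resetting the register map the script would happily rename a function after whatever string that earlier call happened to take.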
Technical analysis of the #checkm8 exploit https://habr.com/en/company/dsec/blog/472762/ #ios #exploit #dukeBarman
Technical analysis of the checkm8 exploit (Habr): "Most likely you've already heard about the famous exploit checkm8, which uses an unfixable vulnerability in the BootROM of most iDevices, including iPhone X."
Windows 10 (RS1-19H2+) UAC bypass using the undocumented auto-elevated EditionUpgradeManager COM interface. Works together with environment variable spoofing.
https://gist.github.com/hfiref0x/de9c83966623236f5ebf8d9ae2407611
#re #redteam #uac #darw1n
Gist file: akagi_58a.c
Export a binary from ghidra to emulate with unicorn https://github.com/AndrewFasano/ghidra-unicorn #reverse #ghidra #dukeBarman
Ghidra C++ Class and Run Time Type Information Analyzer https://github.com/astrelsky/Ghidra-Cpp-Class-Analyzer #reverse #ghidra #dukeBarman
Analysis of Qualcomm Secure Boot Chains https://blog.quarkslab.com/analysis-of-qualcomm-secure-boot-chains.html #hardware #dukeBarman
Quarkslab: "Qualcomm is the market-dominant hardware vendor for non-Apple smartphones. Considering the [SoCs] they produce are predominant, it has become increasingly interesting to reverse-engineer and take over their boot chain in order to get a hold onto the highest…"
A workshop on exploiting hash collisions, by Ange Albertini. Slides: https://speakerdeck.com/ange/colltris Materials: https://github.com/corkami/collisions/blob/master/workshop/README.md #reverse #dukeBarman
Modern Binary Analysis with ILs:
An interesting talk on binary analysis problems and important aspects of an IL.
https://binary.ninja/presentations/Modern%20Binary%20Analysis%20with%20ILs.pdf
#re #binary #trietptm
KTRW: The journey to build a debuggable iPhone (performing single-step kernel debugging with LLDB and IDA Pro over USB)
Article: https://googleprojectzero.blogspot.com/2019/10/ktrw-journey-to-build-debuggable-iphone.html
Source: https://github.com/googleprojectzero/ktrw #ios #debugger #dukeBarman
Posted by Brandon Azad, Project Zero.
"Leveraging KVM as a debugging platform" https://drive.google.com/file/d/1nFoCM62BWKSz2TKhNkrOjVwD8gP51VGK/view #debugger #hacklu #dukeBarman
Platform Security Summit 2019 videos https://www.youtube.com/watch?v=WmC65VrnBPI&list=PLZZv_tsTtzHb2P6z9JGCRldtTdhJb3y0C #hardware #conference #dukeBarman
Linked video: Growing Risks in the Software Supply Chain, Mark Sherman, CMU (https://PlatformSecuritySummit.com/2019/speaker/sherman): "Today's software is largely assembled rather than written, and most of the assembly comes from open source components. The creation of components and their inclusion into applications creates a “supply…"
#radare2 4.0 is out! codename "Kràmpack" https://github.com/radareorg/radare2/releases/tag/4.0.0 #reverse #dukeBarman
GitHub release: v4.0 Codename Kràmpack, vifino edition. Release notes, v4.0.0 (from 3.9.0): 299 commits, 48 contributors. Changes (anal): "Bring back the MASK_DISASM because not all nanal plugins support it yet"; "Select default var type..."
Hardware Hacking Cheatsheet infograph https://github.com/arunmagesh/hw_hacking_cheatsheet #hardware #reverse #dukeBarman
r2elk: #Radare2 API bindings to extract binary metadata into Elasticsearch https://github.com/jaredestroud/r2elk #reverse #dukeBarman
GitHub: archcloudlabs/r2elk, Radare2 Metadata Extraction to Elasticsearch
Reverse Engineering and Code Emulation with #Ghidra
Slides: https://github.com/kc0bfv/Saintcon2019GhidraTalk
Video: https://twitch.tv/videos/498159435
Source of the Python p-code emulator: https://github.com/kc0bfv/pcode-emulator
#reverse #dukeBarman