Suite of plugins that provide the ability to transfer analysis data between Binary Ninja and IDA https://github.com/zznop/bnida #reverse #ida #binaryninja #dukeBarman
Intel Processor Trace for System Management Mode (ring-2) code tracing.
English: https://sysenter-eip.github.io/intel_pt_smm
Russian: https://habr.com/en/company/dsec/blog/481692
#reverse #hardware #dukeBarman
Using Intel Processor Trace to trace System Management Mode code
This article is devoted to testing whether Intel Processor Trace (Intel PT) can be used to record a trace in System Management Mode (SMM). The work was carried out as part of the Summer...
Another XMas release - frida-fuzzer v1.2 https://github.com/andreafioraldi/frida-fuzzer/releases/tag/1.2 #reverse #fuzzing #frida #dukeBarman
Release 1.2 · andreafioraldi/frida-fuzzer
Fuzzer queue cached in the process to minimize the exchanged messages and speed up remote fuzzing (e.g. Android via adb)
Stalker transform in CModule to speed up non-x64 targets
Support to fuzzer dic...
A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms) https://github.com/marin-m/vmlinux-to-elf #reverse #linux #dukeBarman
Integrate Ghidra's decompiler as an IDA plugin https://github.com/cseagle/blc #reverse #ida #ghidra #dukeBarman
Library to disassemble MC7 bytecode for Siemens PLC SIMATIC S7-300 and S7-400 https://github.com/wargio/libmc7 #reverse #radare2 #dukeBarman
GitHub - rizinorg/rz-libmc7: Library to disassemble MC7 bytecode for Siemens PLC SIMATIC S7-300 and S7-400
Three Heads are Better Than One: Mastering Ghidra - Alexei Bulazel, Jeremy Blackthorne - INFILTRATE 2019 https://vimeo.com/335158460 #reverse #ghidra #dukeBarman
Remote iPhone Exploitation
https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-1.html
https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-2.html
https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-3.html
#exploit #ios #dukeBarman
Remote iPhone Exploitation Part 1: Poking Memory via iMessage and CVE-2019-8641
Posted by Samuel Groß, Project Zero Introduction This is the first blog post in a three-part series that will detail how a vulnerability...
Windows Debugging & Exploiting
Windows Debugging & Exploiting Part 1 - Environment Setup https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/windows-debugging-exploiting-part-1-environment-setup/
Windows Debugging & Exploiting Part 2 - WinDBG 101 https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/windows-debugging-exploiting-part-2-windbg-101/
Windows Debugging & Exploiting Part 3: WinDBG Time Travel Debugging https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/windows-debugging-exploiting-part-3-windbg-time-travel-debugging/
#debugger #windbg #reverse #dukeBarman
In this blog series, I will try to set some base knowledge for Windows system debugging and exploitation and present how to set up an environment for remote kernel debugging.
Native XEX loader for IDA 7+, supporting most known Xbox360 executable formats. https://github.com/emoose/idaxex #reverse #ida #dukeBarman
GitHub - emoose/idaxex: Xbox/Xbox360 loader plugin for IDA 9, and xex1tool, supporting most known Xbox executable file formats (XEX/XBE)
[ KASLD ] Kernel Address Space Layout Derandomization - A collection of various techniques to bypass KASLR and retrieve the Linux kernel base virtual address on x86 / x86_64 architectures as an unprivileged user https://github.com/bcoles/kasld #exploitation #linux #dukeBarman
Nightmare is an intro to binary exploitation / reverse engineering course based around CTF challenges (binaries + write-ups, organised by hacking topic) https://github.com/guyinatuxedo/nightmare #reverse #exploitation #dukeBarman
Browser JIT exploitation quick start by https://twitter.com/hosselot/
- @5aelo's Phrack paper is the base: http://phrack.org/papers/attacking_javanoscript_engines.html
- @LiveOverflow's well-described video series: https://liveoverflow.com/tag/browser-exploitation/
- @bkth_'s presentation at SSTIC 2019: https://sstic.org/media/SSTIC2019/SSTIC-actes/Pwning_Browsers/SSTIC2019-Slides-Pwning_Browsers-keith.pdf
Also:
- https://doar-e.github.io
- https://phoenhex.re
#exploit #exploitation #dukeBarman
Hossein Lotfi (@hosselot) on X
Vulnerability researcher at ZDI (views are my own). Check #hosselot_tips for vulnerability research tips. 'A machine never faults. It reflects human's faults.'
BattlEye Anticheat: Analysis And Mitigation
Part 1:
https://vmcall.blog/battleye-anticheat-analysis-and-mitigation/
Part 2:
https://vmcall.blog/battleye-analysis-2020/
RU:
https://habr.com/ru/post/483068/
#reverse #dukeBarman
Reverse engineering the popular BattlEye anti-cheat
BattlEye is a predominantly German third-party anti-cheat, developed mainly by 32-year-old Bastian Heiko Suter. It provides (or tries to prov...
Analysing UEFI modules with the BinDiff IDA plugin https://yeggor.github.io/UEFI_BinDiff/ #reverse #dukeBarman
A collection of pwn/CTF related utilities for Ghidra https://github.com/0xb0bb/pwndra #reverse #ctf #ghidra #dukeBarman
Reverse engineering course by Z0F, focusing on x64 Windows https://github.com/0xZ0F/Z0FCourse_ReverseEngineering #reverse #dukeBarman