Three Heads are Better Than One: Mastering Ghidra - Alexei Bulazel, Jeremy Blackthorne - INFILTRATE 2019 https://vimeo.com/335158460 #reverse #ghidra #dukeBarman
Remote iPhone Exploitation - a three-part series by Samuel Groß (Project Zero)
Part 1: Poking Memory via iMessage and CVE-2019-8641 https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-1.html
Part 2: https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-2.html
Part 3: https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-3.html
#exploit #ios #dukeBarman
Windows Debugging & Exploiting
Windows Debugging & Exploiting Part 1 - Environment Setup https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/windows-debugging-exploiting-part-1-environment-setup/
Windows Debugging & Exploiting Part 2 - WinDBG 101 https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/windows-debugging-exploiting-part-2-windbg-101/
Windows Debugging & Exploiting Part 3: WinDBG Time Travel Debugging https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/windows-debugging-exploiting-part-3-windbg-time-travel-debugging/
#debugger #windbg #reverse #dukeBarman
Native XEX loader for IDA 7+, supporting most known Xbox360 executable formats. https://github.com/emoose/idaxex #reverse #ida #dukeBarman
[ KASLD ] Kernel Address Space Layout Derandomization - A collection of various techniques to bypass KASLR and retrieve the Linux kernel base virtual address on x86 / x86_64 architectures as an unprivileged user https://github.com/bcoles/kasld #exploitation #linux #dukeBarman
Nightmare is an intro to binary exploitation / reverse engineering course based around ctf challenges (binaries + writeups by hacking topics) https://github.com/guyinatuxedo/nightmare #reverse #exploitation #dukeBarman
Browser JIT exploitation quick start, compiled by @hosselot (https://twitter.com/hosselot/):
- @5aelo's Phrack paper is the base: http://phrack.org/papers/attacking_javascript_engines.html
- @LiveOverflow well-described video series: https://liveoverflow.com/tag/browser-exploitation/
- @bkth_ presentation in SSTIC 2019: https://sstic.org/media/SSTIC2019/SSTIC-actes/Pwning_Browsers/SSTIC2019-Slides-Pwning_Browsers-keith.pdf
Also:
- https://doar-e.github.io
- https://phoenhex.re
#exploit #exploitation #dukeBarman
BattlEye Anticheat: Analysis And Mitigation
Part1:
https://vmcall.blog/battleye-anticheat-analysis-and-mitigation/
Part2:
https://vmcall.blog/battleye-analysis-2020/
RU:
https://habr.com/ru/post/483068/
#reverse #dukeBarman
Analysing UEFI modules with the BinDiff IDA plugin https://yeggor.github.io/UEFI_BinDiff/ #reverse #dukeBarman
A collection of pwn/CTF related utilities for Ghidra https://github.com/0xb0bb/pwndra #reverse #ctf #ghidra #dukeBarman
Reverse engineering course by Z0F. Focuses on x64 Windows https://github.com/0xZ0F/Z0FCourse_ReverseEngineering #reverse #dukeBarman
Fifty shades darker: no safe wor(l)d in SMM https://www.synacktiv.com/posts/exploit/through-the-smm-class-and-a-vulnerability-found-there.html #reverse #uefi #hardware #dukeBarman
#Ghidra script that assigns names to unnamed functions by matching relevant patterns in the binary with regular expressions https://github.com/alephsecurity/general-research-tools/tree/master/ghidra_scripts #reverse #dukeBarman
Script for automatically identifying + labeling the Nintendo Switch SVC tables. https://gist.github.com/SciresM/1c675b885d7277de51013b56b89917bb #ida #hardware #dukeBarman
Lecture notes for the Hardware and Embedded Systems Security lecture https://github.com/david-oswald/hwsec_lecture_notes #reverse #hardware #dukeBarman
radare2 version 4.2.0 ("Arctic World Archive") is out! https://github.com/radareorg/radare2/releases/tag/4.2.0 #reverse #radare2 #dukeBarman
ApplicationInspector - Microsoft's source code analyzer for surfacing features of interest and other characteristics of a code base ("What's in the code?") using static analysis https://github.com/Microsoft/ApplicationInspector #codereview #dukeBarman