Windows Debugging & Exploiting

Windows Debugging & Exploiting Part 1 - Environment Setup https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/windows-debugging-exploiting-part-1-environment-setup/
Windows Debugging & Exploiting Part 2 - WinDBG 101 https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/windows-debugging-exploiting-part-2-windbg-101/
Windows Debugging & Exploiting Part 3: WinDBG Time Travel Debugging https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/windows-debugging-exploiting-part-3-windbg-time-travel-debugging/

#debugger #windbg #reverse #dukeBarman

PEDA-like debugger UI for WinDbg https://github.com/bruce30262/TWindbg #reverse #debugger #windbg #dukeBarman

Native XEX loader for IDA 7+, supporting most known Xbox360 executable formats. https://github.com/emoose/idaxex #reverse #ida #dukeBarman

[ KASLD ] Kernel Address Space Layout Derandomization - A collection of various techniques to bypass KASLR and retrieve the Linux kernel base virtual address on x86 / x86_64 architectures as an unprivileged user https://github.com/bcoles/kasld #exploitation #linux #dukeBarman

Nightmare is an intro to binary exploitation / reverse engineering course based around ctf challenges (binaries + writeups by hacking topics) https://github.com/guyinatuxedo/nightmare #reverse #exploitation #dukeBarman

Browser jit exploitation quick start by https://twitter.com/hosselot/

- @5aelo Phrack paper is the base: http://phrack.org/papers/attacking_javanoscript_engines.html
- @LiveOverflow well-described video series: https://liveoverflow.com/tag/browser-exploitation/
- @bkth_ presentation in SSTIC 2019: https://sstic.org/media/SSTIC2019/SSTIC-actes/Pwning_Browsers/SSTIC2019-Slides-Pwning_Browsers-keith.pdf

Also:
- https://doar-e.github.io
- https://phoenhex.re

#exploit #exploitation #dukeBarman

C++ for Hackers https://vimeo.com/384348826 #dukeBarman

BattlEye Anticheat: Analysis And Mitigation

Part1:
https://vmcall.blog/battleye-anticheat-analysis-and-mitigation/

Part2:
https://vmcall.blog/battleye-analysis-2020/

RU:
https://habr.com/ru/post/483068/

#reverse #dukeBarman

UEFI modules analysing with BinDiff IDA plugin https://yeggor.github.io/UEFI_BinDiff/ #reverse #dukeBarman

A collection of pwn/CTF related utilities for Ghidra https://github.com/0xb0bb/pwndra #reverse #ctf #ghidra #dukeBarman

GTFOBins is a curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions.

https://gtfobins.github.io/

#pentest #redteam #ctf #linux #darw1n

Reverse engineering course by Z0F. Focuses on x64 Windows https://github.com/0xZ0F/Z0FCourse_ReverseEngineering #reverse #dukeBarman

Fifty shades darker: no safe wor(l)d in SMM https://www.synacktiv.com/posts/exploit/through-the-smm-class-and-a-vulnerability-found-there.html #reverse #uefi #hardware #dukeBarman

#Ghidra Script that sets the names for missing function names by looking for relevant patterns in the binary (using regex!) https://github.com/alephsecurity/general-research-tools/tree/master/ghidra_noscripts #reverse #dukeBarman

Script for automatically identifying + labeling the Nintendo Switch SVC tables. https://gist.github.com/SciresM/1c675b885d7277de51013b56b89917bb #ida #hardware #dukeBarman

Automatic ROPChain Generation https://github.com/d4em0n/exrop #reverse #exploitation #dukeBarman

Lecture notes for the Hardware and Embedded Systems Security lecture https://github.com/david-oswald/hwsec_lecture_notes #reverse #hardware #dukeBarman

radare2 version 4.2 is out! https://github.com/radareorg/radare2/releases/tag/4.2.0 #reverse #radare2 #dukeBarman

ApplicationInspector - source code analyzer by Microsoft https://github.com/Microsoft/ApplicationInspector #codereview #dukeBarman

VivienneVMM is a stealthy debugging framework implemented via an Intel VT-x hypervisor https://github.com/changeofpace/VivienneVMM #exploitation #dukeBarman

Fuzzing software: common challenges and potential solutions (Part 1) https://securitylab.github.com/research/fuzzing-challenges-solutions-1 #fuzzing #exploitation #dukeBarman