Nightmare is an intro to binary exploitation / reverse engineering course based around ctf challenges (binaries + writeups by hacking topics) https://github.com/guyinatuxedo/nightmare #reverse #exploitation #dukeBarman
Browser JIT exploitation quick start by https://twitter.com/hosselot/
- @5aelo Phrack paper is the base: http://phrack.org/papers/attacking_javascript_engines.html
- @LiveOverflow well-described video series: https://liveoverflow.com/tag/browser-exploitation/
- @bkth_ presentation in SSTIC 2019: https://sstic.org/media/SSTIC2019/SSTIC-actes/Pwning_Browsers/SSTIC2019-Slides-Pwning_Browsers-keith.pdf
Also:
- https://doar-e.github.io
- https://phoenhex.re
#exploit #exploitation #dukeBarman
Hossein Lotfi (@hosselot) on X
Vulnerability researcher at ZDI (views are my own). Check #hosselot_tips for vulnerability research tips. 'A machine never faults. It reflects human's faults.'
BattlEye Anticheat: Analysis And Mitigation
Part1:
https://vmcall.blog/battleye-anticheat-analysis-and-mitigation/
Part2:
https://vmcall.blog/battleye-analysis-2020/
RU:
https://habr.com/ru/post/483068/
#reverse #dukeBarman
Reverse engineering the popular BattlEye anti-cheat
BattlEye is a predominantly German third-party anti-cheat, developed mainly by 32-year-old Bastian Heiko Suter. It provides (or tries to provide...
Analysing UEFI modules with the BinDiff IDA plugin https://yeggor.github.io/UEFI_BinDiff/ #reverse #dukeBarman
A collection of pwn/CTF related utilities for Ghidra https://github.com/0xb0bb/pwndra #reverse #ctf #ghidra #dukeBarman
Reverse engineering course by Z0F. Focuses on x64 Windows https://github.com/0xZ0F/Z0FCourse_ReverseEngineering #reverse #dukeBarman
Fifty shades darker: no safe wor(l)d in SMM https://www.synacktiv.com/posts/exploit/through-the-smm-class-and-a-vulnerability-found-there.html #reverse #uefi #hardware #dukeBarman
#Ghidra Script that sets the names for missing function names by looking for relevant patterns in the binary (using regex!) https://github.com/alephsecurity/general-research-tools/tree/master/ghidra_scripts #reverse #dukeBarman
Script for automatically identifying + labeling the Nintendo Switch SVC tables. https://gist.github.com/SciresM/1c675b885d7277de51013b56b89917bb #ida #hardware #dukeBarman
Lecture notes for the Hardware and Embedded Systems Security lecture https://github.com/david-oswald/hwsec_lecture_notes #reverse #hardware #dukeBarman
radare2 version 4.2 is out! https://github.com/radareorg/radare2/releases/tag/4.2.0 #reverse #radare2 #dukeBarman
Release Arctic World Archive · radareorg/radare2
On February 2, 2020, GitHub will capture a snapshot of every active public repository, to be preserved in the GitHub Arctic Code Vault. This data will be stored on 3,500-foot film reels, provided a...
ApplicationInspector - source code analyzer by Microsoft https://github.com/Microsoft/ApplicationInspector #codereview #dukeBarman
GitHub - microsoft/ApplicationInspector: A source code analyzer built for surfacing features of interest and other characteristics…
A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a j...
VivienneVMM is a stealthy debugging framework implemented via an Intel VT-x hypervisor https://github.com/changeofpace/VivienneVMM #exploitation #dukeBarman
Fuzzing software: common challenges and potential solutions (Part 1) https://securitylab.github.com/research/fuzzing-challenges-solutions-1 #fuzzing #exploitation #dukeBarman
Based on our security audit of VLC Media Player, we share some common fuzzing challenges, and practical ways to address them. Read on to discover a variety of fuzzing strategies.
New Cutter release 1.10.1 "Arctic Archive" https://github.com/radareorg/cutter/releases/tag/v1.10.1 #reverse #radare2 #jeisonwi
A refreshed web site for Hex-Rays https://www.hex-rays.com/blog/a-refreshed-web-site-for-hex-rays/ #ida
Magisk Module to enable engineering build props https://github.com/evdenis/enable_eng #reverse #hardware #android #dukeBarman