x0rro — A PE/ELF/MachO Crypter for x86 and x86_64 Based on Radare2 https://iwantmore.pizza/posts/x0rro.html #reverse #dukeBarman

Course materials for Advanced Binary Deobfuscation by NTT Secure Platform Laboratories https://github.com/malrev/ABD #reverse #dukeBarman

R.I.P ROP: CET Internals in Windows 20H1

https://windows-internals.com/cet-on-windows/

#expdev #rop #windows #cet #intel #darw1n

Defeating Ptrace Anti-Debug

https://aaronyoo.github.io/ptrace-anti-debug.html

#re #tips #linux #antidebug #darw1n

Retdec team has officially released the first version of RetDec's decompiler plugin for radare2&Cutter https://github.com/avast/retdec-r2plugin #reverse #radare2 #dukeBarman

https://googleprojectzero.blogspot.com/2020/02/mitigations-are-attack-surface-too.html #expdev #android #Thatskriptkid

“On emulating hypervisors; a Samsung RKP case study” http://www.phrack.org/papers/emulating_hypervisors_samsung_rkp.html #reverse #mobile #ezine #dukeBarman

Patching MacOS Sketch.App for unlimited Trial in Ghidra https://duraki.github.io/posts/o/20200214-sketch.app-patch-in-ghidra.html #reverse #ghidra #dukeBarman

IDA loader for SEGA Master System ROMs https://github.com/zznop/ida-sms #reverse #ida #dukeBarman

A static analyzer for PE executables https://github.com/JusticeRage/Manalyze #reverse #malware #dukeBarman

Humble Bundle has started a new sale. This bundle has good books about Reverse Engineering and supports EFF and letsencrypt https://www.humblebundle.com/books/cybersecurity-2020-wiley-books #reverse #books #dukeBarman

No Clicks Required Exploiting Memory Corruption Vulnerabilities in Messenger Apps https://saelo.github.io/presentations/offensivecon_20_no_clicks.pdf #exploitation #ios #dukeBarman

KrØØk: Serious vulnerability affected encryption of billion+ Wi‑Fi devices https://www.welivesecurity.com/wp-content/uploads/2020/02/ESET_Kr00k.pdf #reverse #hardware #dukeBarman

IDA Pro loader for the Nintendo Switch secure monitor https://github.com/SciresM/nx_secmon_ida_loader #reverse #hardware #ida #dukeBarman

DeepBinDiff: Learning Program-Wide Code Representations for Binary Diffing

Source: https://github.com/deepbindiff/DeepBinDiff
Article: https://www.ndss-symposium.org/wp-content/uploads/2020/02/24311.pdf

#reverse #dukeBarman

MLIR: A Compiler Infrastructure for the End of Moore's Law
https://arxiv.org/abs/2002.11054 #jeisonwi

Linux kernel 3.x - 5.x XFRM UAF PoC

A poc for the kernel vulnerability (CVE-2019-15666 Ubuntu / CentOS / RHEL) that was reported last year. CentOS was the last distribution to patch the bug in January 2020.

CVE-2019-15666:
https://duasynt.com/blog/ubuntu-centos-redhat-privesc

The technical report:
https://duasynt.com/pub/vnik/01-0311-2018.pdf

POC:
https://github.com/duasynt/xfrm_poc

#re #expdev #linux #kernel #cve #darw1n

Beginner/intermediate malware analysis training materials https://github.com/OpenRCE/Malware-Analysis-Training #reverse #malware #dukeBarman

Scripting in Ghidra, Patching MacOS Image2Icon https://duraki.github.io/posts/o/20200227-ghidra-noscripting-image2icon.html #reverse #ghidra #dukeBarman

Ghidra Decompiler Notes https://gist.github.com/v-p-b/5be986dfe494249374cecf058d4dd41c #reverse #ghidra #dukeBarman

Aero CTF 2020 - Aerofloat (ROP chain on amd64 ELF binary) Aero CTF writeup using radare2 and pwntools https://meowmeowxw.gitlab.io/ctf/aero-2020-aerofloat/ #reverse #ctf #radare2 #dukeBarman