IDA Pro loader for the Nintendo Switch secure monitor https://github.com/SciresM/nx_secmon_ida_loader #reverse #hardware #ida #dukeBarman
DeepBinDiff: Learning Program-Wide Code Representations for Binary Diffing
Source: https://github.com/deepbindiff/DeepBinDiff
Article: https://www.ndss-symposium.org/wp-content/uploads/2020/02/24311.pdf
#reverse #dukeBarman
MLIR: A Compiler Infrastructure for the End of Moore's Law
https://arxiv.org/abs/2002.11054 #jeisonwi
Linux kernel 3.x - 5.x XFRM UAF PoC
A PoC for the kernel vulnerability (CVE-2019-15666 Ubuntu / CentOS / RHEL) that was reported last year. CentOS was the last distribution to patch the bug in January 2020.
CVE-2019-15666:
https://duasynt.com/blog/ubuntu-centos-redhat-privesc
The technical report:
https://duasynt.com/pub/vnik/01-0311-2018.pdf
PoC:
https://github.com/duasynt/xfrm_poc
#re #expdev #linux #kernel #cve #darw1n
CVE-2019-15666 Ubuntu / CentOS / RHEL Linux Kernel 4.4 - 4.18 privilege escalation - Vitaly Nikolenko
Ubuntu 18.04 16.04 14.04 / CentOS 8 / RHEL 8 kernel local privilege escalation
Beginner/intermediate malware analysis training materials https://github.com/OpenRCE/Malware-Analysis-Training #reverse #malware #dukeBarman
Retired beginner/intermediate malware analysis training materials from @pedramamini and @erocarrera.
Scripting in Ghidra, Patching MacOS Image2Icon https://duraki.github.io/posts/o/20200227-ghidra-noscripting-image2icon.html #reverse #ghidra #dukeBarman
Aero CTF 2020 - Aerofloat (ROP chain on amd64 ELF binary) Aero CTF writeup using radare2 and pwntools https://meowmeowxw.gitlab.io/ctf/aero-2020-aerofloat/ #reverse #ctf #radare2 #dukeBarman
Injecting into 32-bit programs on macOS Mojave https://rpis.ec/blog/mach_inject_32-writeup/ #reverse #dukeBarman
BinDiff 6 is released! https://zynamics.com/software.html IDA 7.4 and Ghidra experimental support (https://github.com/google/binexport) #reverse #ida #ghidra #dukeBarman
Statically Reverse Engineering Shellcode: Emulation https://0ffset.net/reverse-engineering/malware-analysis/emulating-shellcode-communications/ #reverse #ida #dukeBarman
Extracting Embedded Payloads From Malware https://medium.com/@ryancor/extracting-embedded-payloads-from-malware-aaca8e9aa1a9 #reverse #malware #ida #dukeBarman
The Art of Malware - Bringing the Dead back to life https://0x00sec.org/t/the-art-of-malware-bringing-the-dead-back-to-life/19599 #reverse #malware #dukeBarman
Opening Up the Samsung Q60 series smart TV https://labs.f-secure.com/blog/samsung-q60r-smart-tv-opening-up-the-samsung-q60-series-smart-tv/ #reverse #hardware #dukeBarman
Industry Standards to Support Supply Chain Risk Management for Firmware by NSA team https://published-prd.lanyonevents.com/published/rsaus20/sessionsFiles/18108/2020_USA20_SBX1-R1_01_Industry-Standards-to-Support-Supply-Chain-Risk-Management-for-Firmware.pdf #reverse #hardware #dukeBarman
Security analysis of memory tagging https://github.com/microsoft/MSRC-Security-Research/blob/master/papers/2020/Security%20analysis%20of%20memory%20tagging.pdf #reverse #exploitation #windows #dukeBarman
Canadian Furious Beaver is a tool for hijacking IRP handlers in Windows drivers https://github.com/hugsy/CFB #exploitation #windows #dukeBarman
Introduction to Malware Analysis and Reverse Engineering by the University of Cincinnati (many videos and other useful materials) https://class.malware.re/ #reverse #malware #dukeBarman
Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI
Article: https://blog.can.ac/2019/10/19/byepg-defeating-patchguard-using-exception-hooking/
Git: https://github.com/can1357/ByePg
#re #patchguard #bypass #windows #hvci #darw1n