A repository for learning various heap exploitation techniques. https://github.com/shellphish/how2heap #expdev #linux #heap #darw1n
Decrypting APT33’s Dropshot Malware with Radare2 and Cutter – Part 2 https://www.megabeets.net/decrypting-dropshot-with-radare2-and-cutter-part-2/ #malware #radare2 #dukeBarman
Megabeets
Decrypting APT33's Dropshot Malware with Radare2 and Cutter – Part 2
In this part, we'll continue the analysis of APT33's Dropshot using Cutter, a GUI for radare2. We'll learn how to decrypt Dropshot's payload and write a script to do it quickly.
https://gamasutra.com/view/news/320229/Reverseengineered_Diablo_source_code_released_on_GitHub.php #games #reverse #dukeBarman
GAMASUTRA
Reverse-engineered Diablo source code released on GitHub
Heads up, devs: someone who goes by "GalaxyHaxz" has uploaded what appears to be a reverse-engineered version of the original source code (but no game assets) for Blizzard's pioneering 1996 game Diablo to GitHub. While both Diablo
Materials from Yandex's Information Security School https://academy.yandex.ru/events/system_administration/msk-2018/ #study #yandex #dukeBarman
education.yandex.ru
Yandex Education
We share knowledge and skills in order to bring the boldest ideas to life together, push the boundaries of IT, and create the future right now
Static instrumentation based on executable file formats http://romainthomas.fr/slides/18-06-Recon18-Formats-Instrumentation.pdf #reverse #dukeBarman
Unpacking and Extracting TrickBot Malware Configuration With x64dbg and Python https://www.youtube.com/watch?v=EdchPEHnohw #malware #dukeBarman
YouTube
Unpacking and Extracting TrickBot Malware Configuration With x64dbg and Python
Open Analysis Live! We unpack TrickBot and extract its configuration file using x64dbg and a Python script from the KevinTheHermit project. Expand for more...
-----
OALABS DISCORD
https://discord.gg/6h5Bh5AMDU
OALABS PATREON
https://www.patreon.com/oalabs…
https://www.malwaretech.com/beginner-malware-reversing-challenges #malware #hackquest #crackme #dukeBarman
Malwaretech
MalwareTech Labs - Learn Reverse Engineering & Malware Analysis
Practical reverse engineering labs designed to imitate real-world malware techniques, helping beginners improve their skills in a safe and fun way.
Meaningful Variable Names for Decompiled Code: A Machine Translation Approach https://cmustrudel.github.io/papers/icpc18decompilation.pdf #reverse #decompilation #dukeBarman
A Mathematical Modeling of Exploitations and Mitigation Techniques Using Set Theory Paper: http://spw18.langsec.org/papers/Kawakami-Exploit-modeling-using-set-theory.pdf Slides: http://spw18.langsec.org/slides/Kawakami-Exploit-modeling-using-set-theory.pdf #exploit #dukeBarman
Android Crackme and Structure offset propagation http://radare.today/posts/crackme_with_tl/ #radare2 #android #dukeBarman
radareorg.github.io
Android Crackme and Structure offset propagation
Today we will look into the recently introduced feature in r2 - structure offset propagation.
We will use it to solve a crackme based on reversing an Android JNI (Java Native Interface) library. Beware that the feature is still WIP and being constantly improved.…
Detecting Kernel Memory Disclosure – Whitepaper
https://googleprojectzero.blogspot.com/2018/06/detecting-kernel-memory-disclosure.html
http://j00ru.vexillium.org/papers/2018/bochspwn_reloaded.pdf
#expdev #darw1n
Blogspot
Detecting Kernel Memory Disclosure – Whitepaper
Posted by Mateusz Jurczyk, Project Zero Since early 2017, we have been working on Bochspwn Reloaded – a piece of dynamic binary instrume...
https://versprite.com/blog/application-security/frida-engage-part-one-building-an-elf-parser-with-frida/ #frida #dukeBarman
VerSprite
Frida Engage Part One: Building an ELF Parser with Frida | VerSprite
In this blog series we will be covering the endless possibilities and power of Frida. For those of you who have never heard of Frida...
Analyzing an Integer Overflow in Bitdefender AV (CVE-2017-17408).
Part 1 (Vulnerability): https://www.zerodayinitiative.com/blog/2018/6/19/analyzing-an-integer-overflow-in-bitdefender-av-part-1-the-vulnerability
Part 2 (PoC): https://www.zerodayinitiative.com/blog/2018/6/21/analyzing-an-integer-overflow-in-bitdefender-av-part-2-the-exploit
#expdev #darw1n
Zero Day Initiative
Zero Day Initiative — Analyzing an Integer Overflow in Bitdefender AV: Part 1 – The Vulnerability
In the pantheon of software bugs, vulnerabilities that occur in security software are considered more severe than others. We rely on the security software to defend against attackers, so bugs in our defenses could not just allow attackers to cause harm, they…
Bootloader research tools (very much a work in progress) https://github.com/bx/bootloader_instrumentation_suite #radare2 #reverse #dukeBarman