#Misc
A few years ago a new version of Syser Debugger was released, and after that we were told to expect new, updated versions. Today I heard different news: it appears that the author of Syser Debugger lost the program's source code to a failed flash drive, and I was very sad to hear it.
This video is from a few years ago, when I was testing the software for the first time.
Telegram Channel : @securebyte
Our Public Group : https://news.1rj.ru/str/joinchat/8IAKs9HaoGU2NmE0
_
#eBook #radare2
📗Radare2 Official Updated Ebook
🌐 Website
The picture shows Cutter, the Radare2 GUI.
_
#Github #ReverseEngineering #Mobile
MARA_Framework
MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a tool that puts together commonly used mobile application reverse engineering and analysis tools, to assist in testing mobile applications against the OWASP mobile security threats. Its objective is to make this task easier and friendlier to mobile application developers and security professionals.
The MARA framework is for analyzing, inspecting and reverse engineering mobile applications, based on the OWASP mobile security threats.
🌐 Website
_
#Github #MobSF
Mobile Security Framework (MobSF)
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static, dynamic and malware analysis. It can be used for effective and fast security analysis of Android, iOS and Windows mobile applications and supports both binaries (APK, IPA & APPX) and zipped source code.
The MobSF framework performs static and dynamic analysis of mobile applications on the Android, iOS and Windows Mobile platforms.
🌐 Website
_
#securebyte
Greetings to our dear friends and followers.
Following the earlier announcement about developing and preparing our training infrastructure, in-person classes, online classes and multimedia courses will, God willing, be held starting next year. I will cover this in detail in a separate post, including what changes have been made or are under way in our activities.
Thanks to the friends who have followed this matter to date and who always follow us.
_
#Article #ReverseEngineering #Android
📗Android App Reverse Engineering 101
This workshop will be wholly based on reverse engineering through static analysis, or analyzing and understanding an application by examining its code.
Table of Contents
➖Introduction
➖Android Application Fundamentals
➖Getting Started with Reversing Android Apps
➖Reverse Engineering Android Apps - DEX Bytecode
➖Reverse Engineering Android Apps - Native Libraries
➖Reverse Engineering Android Apps - Obfuscation
➖Conclusion
🌐 Website
_
#Article #ReverseEngineering #Android
📗How to start Reverse Engineering on Android Application Series (6 Parts)
➖By: Ankit Mishra
🌐 Website
More parts are available on the author's profile.
_
#TrainingCourse #MalwareAnalysis
📗Introduction to Malware Analysis and Reverse Engineering (2017-2018-2020) University of Cincinnati.
➖Week 01: Introduction to VirtualBox and Lab VMs
➖Week 02: Intro to malware taxonomy / building a basic attack
➖Week 03: Deconstruct attack with static analysis
➖Week 04: x86 disassembly and analysis
➖Week 05: Dynamic analysis, networking, Immunity Intro
➖Week 06: Immunity Debugger analysis workflows
➖Week 07: Mid-Term Project week #1, no class
➖Week 08: Run-time analysis with debugger / inetsim / etc.
➖Week 09: Identification with Yara and other tools
➖Week 10: Spring break - NO CLASS
➖Week 11: Using ELK to analyze behavioral logs
➖Week 12: Java & SWF malware analysis
➖Week 13: Android Malware analysis tools, setup
➖Week 14: Android malware static analysis
➖Week 15: Android malware live analysis
➖Week 16: Finals week - Final project
🌐 Website
_
#Article #Exploiting
📗Binary Exploitation: Format String Vulnerabilities series
➖By : Vickie Li
Welcome to the binary exploitation series! In the coming posts, we are going to explore concepts and tricks used in binary exploitation. I hope you’re as excited as I am!
🌐 Website
_
#Github #Cuckoo
Cuckoo VM for Malware Analysis By binaryzone
If you do not want to put some time in installing your own Cuckoo Sandbox for different reasons, then you could just download the Virtual Machine (VM) that I have prepared. What I’ve done is get Cuckoo to run in a VM, so you might be asking what does that mean? Well, it means that first Cuckoo is running in a VM and second that Cuckoo will be running its analysis within another VM. Yes, a VM in another VM or what is technically called “Nested Virtualization“. I used VMWare for my VM, but since I’ve exported it to OVA, then you should be good to just import and run.
🌐 Website
_
#Github #Cuckoo
Cuckoo VM for Malware Analysis By binaryzone
Things you need:
1. The VM from download link
2. Username: user1 & Password: forensics
3. Add a Windows ISO to your Cuckoo VM
4. Submit a sample and get some results…
🌐 Website
_
#Article #ReverseEngineering
📗Windows Process Injection in 2019 - BlackHat USA-19
➖Amit Klein, Itzik Kotler
Process injection in Windows appears to be a well-researched topic, with many techniques now known and implemented to inject from one process to the other. Process injection is used by malware to gain more stealth (e.g. run malicious logic in a legitimate process) and to bypass security products (e.g. AV, DLP and personal firewall solutions) by injecting code that performs sensitive operations (e.g. network access) to a process which is privileged to do so.
🌐 Website
_
#Article #ReverseEngineering
📗iOS Security Analysis with MobSF
➖Netguru
Recently, our iOS security team was looking for a security analysis tool and we tested MobSF as one of our solutions. MobSF is a tool recommended by OWASP in its Mobile Security Testing Guide.
🌐 Website
_
#Github #Internals
Windows System Call Tables (NT/2000/XP/2003/Vista/2008/7/2012/8/10)
(win32k.sys).
The interface between a process and an operating system is provided by system calls. In general, system calls are available as assembly language instructions. They are also included in the manuals used by the assembly level programmers.
🌐 Website
_
#Article #ReverseEngineering #OSX
This corner is dedicated to reverse engineering, malware, rootkits, and security.
Content is mostly dedicated to Mac OS X and also iOS.
🌐 Website
_
#Github #Internals
Another Repo with more details about Windows System Call Tables.
🌐 Website
_
#Github #ReverseEngineering #Syser
Do you remember Syser Debugger? 😉
1430 230320
➖implement FPU reg "%1.7e"
➖implement XMM 8/16 reg by dword x 4
➖fix instr info for qword data
➖fix all disassm in uppercase
➖fix debugger leak handle
➖revert fix for detached process
➖fix debugger handle unload dll
🌐 Website
_
#Github #BinDiff
Zynamics BinDiff uses a unique graph-theoretical approach to compare executables by identifying identical and similar functions.
Zynamics BinNavi is the leading open source binary code reverse engineering tool based on graph visualization.
🌐 Website1
🌐 Website2
_
#Article #ReverseEngineering #Hardware
📗Hardware Debugging for Reverse Engineers Series
➖By : Wrongbaud
When assessing an embedded platform there are a number of things you can do or try to accomplish. With this post I want to demonstrate/test the following:
➖Can the firmware be extracted from the target?
➖Can the target be debugged or instrumented in such a way that allows us to learn more about its internal operations?
➖Can the firmware be modified or changed, either through software exploitation or hardware modifications?
The first step to answering some of these questions will be a hardware teardown.
🌐 Website
_