#Github #Internals
Another Repo with more details about Windows System Call Tables.
🌐 Website
Telegram Channel : @securebyte
Our Public Group : https://news.1rj.ru/str/joinchat/8IAKs9HaoGU2NmE0
_
#Github #ReverseEngineering #Syser
Do you remember Syser Debugger? 😉
1430 230320
➖ implement FPU reg "%1.7e"
➖ implement XMM 8/16 reg by dword x 4
➖ fix instr info for qword data
➖ fix all disassm in uppercase
➖ fix debugger leak handle
➖ revert fix for detached process
➖ fix debugger handle unload dll
🌐 Website
@securebyte
#Github #BinDiff
Zynamics BinDiff uses a unique graph-theoretical approach to compare executables by identifying identical and similar functions.
Zynamics BinNavi is the leading open source binary code reverse engineering tool based on graph visualization.
🌐 Website1
🌐 Website2
_
#Article #ReverseEngineering #Hardware
📗Hardware Debugging for Reverse Engineers Series
➖By : Wrongbaud
When assessing an embedded platform there are a number of things you can do or try to accomplish; with this post I want to demonstrate/test the following:
➖ Can the firmware be extracted from the target?
➖ Can the target be debugged or instrumented in such a way that allows us to learn more about its internal operations?
➖ Can the firmware be modified or changed, either through software exploitation or hardware modifications?
The first step to answering some of these questions will be a hardware teardown.
🌐 Website
_
#Website #Internals
Useful websites that cover undocumented structures. Low-level programmer's guide to Windows NT Kernel, Native API and Drivers.
🌐 Vergilius Project - Terminus Project - NT Internals
_
#Github #bddisasm
Bitdefender bddisasm is a fast, lightweight, x86/x64 instruction decoder. The project also features a fast, basic, x86/x64 instruction emulator, designed specifically to detect shellcode-like behavior.
🌐 Website
_
#Article #ReverseEngineering #Android
📗Reverse engineering an Android Application [Krk Bike]
The app used for this demonstration is called Krk Bike, and it is a mobile application that you can download from the Google Play store; it will show you many of the bike trails on Croatia’s island of Krk. I wanted to see all of these bike trails in a single, uncluttered map. How could we get such data out of this app?
🌐Article Link
#Articles #ReverseEngineering #Ghidra
📗Reverse Engineering with Ghidra
🌐 Part 0 : Main Windows & CrackMe
🌐 Part 1 : Data, Functions & Scripts
#Article #ReverseEngineering #Android
📗Vault 101 : Samsung CTF App Reverse Engineering Challenge Write-up
🌐Article Link
_
#Article #ReverseEngineering #Firmware
📗Breaking Samsung firmware, or turning your S8/S9/S10 into a DIY “Proxmark”
🌐Article Link
_
#Article #ReverseEngineering #DOS
📗Pre-Crypto - Reverse engineering ancient DOS “encryption”
🌐Article Link
_
#Article #MalwareAnalysis
📗 Word Document Malware Analysis
🌐Article Link
_
#Article #ReverseEngineering #Radare2
📗 Introduction to Reverse Engineering with radare2 Cutter
➖Part 1: Key Terminology and Overview
➖Part 2: Analysing a Basic Program
➖Part 3: Solving a Crackme Challenge
🌐Article Link
_
#Article #MalwareAnalysis #Radare2
📗 Intro to Cutter for Malware Analysis
🌐Article Link
_
#Article #ReverseEngineering #Frida
📗 r2-pay: anti-debug, anti-root & anti-frida (part 1)
This series of blog posts explains one way to resolve the r2-pay challenge released during the r2con2020 conference. This first part is about the anti-analysis tricks used to hinder reverse-engineering while the second part will be more focused on breaking the whitebox.
🌐Article Link
_
#Article #MalwareAnalysis
📗 Defeating Macro Document Static Analysis with Pictures of My Ca
Over the past few weeks I’ve spent some time learning Visual Basic for Applications (VBA), specifically for creating malicious Word documents to act as an initial stager. When taking operational security into consideration and brainstorming ways of evading macro detection, I had the question, how does anti-virus detect a malicious macro?
🌐Article Link
_
#Article #ReverseEngineering #Frida
📗 r2-pay: anti-debug, anti-root & anti-frida (part 2)
🌐Article Link
_
#Article #ReverseEngineering
📗 Dynamic Binary Instrumentation Techniques to Address Native Code Obfuscation
Android applications are becoming more and more obfuscated to prevent reverse engineering. While obfuscation can be applied on both the Dalvik bytecode and the native code, the former is more challenging to analyze due to the structure of the bytecode as well as the API provided by the Android Runtime.
🌐Article Link
🗳PDF File
_
#Github #Programming
Planet Source Code Github Repo
🌐 Project Link
_
#Github #Programming #Sploit
Sploit - Go package that aids in binary analysis and exploitation
🌐 Project Link
_
#Article #ReverseEngineering
📗 Reverse engineering 3D Movie Maker - Part 1 - using Ghidra scripting to recover the C++ class hierarchy
A while ago, I started reverse engineering Microsoft 3D Movie Maker to understand how it works and to develop my game reversing skills. This blog series is about my adventures in reversing 3D Movie Maker and some of the interesting things I learnt along the way.
🌐Article Link
_