کانال بایت امن

#Article #ReverseEngineering #Hardware 📗Hardware Debugging for Reverse Engineers Series ➖By : Wrongbaud When assessing an embedded platform there are a number of things you can do or try to accomplish, with this post I want to demonstrate/test the following: ➖Can the firmware be extracted from the target? ➖Can the target be debugged or instrumented in such a way that allows us to learn more about it’s internal operations? ➖Can the firmware be modified or changed, either through software exploitation or hardware modifications? The first step to answering some of these questions will be a hardware teardown. 🌐 Article Link @securebyte

#eBook #Malware #ReverseEngineering 📗Binary Analysis Cookbook ➖Format : TruePDF ➖By: Michael Born ➖Pages: 396 ➖Publisher: Packtpub ➖Pub Date: 2019 ➖ISBN : 9781789807608 @securebyte

#Github #Security Zynamics BinDiff uses a unique graph-theoretical approach to compare executables by identifying identical and similar functions. Zynamics BinNavi is the leading open source binary code reverse engineering tool based on graph visualization 🌐 Main Website 🌐 Project Link @securebyte

#eBook #ReverseEngineering Reverse Engineering for Beginners Text version Updated (March4,2020). 🌐 Download Link @securebyte

#Github #ReverseEngineering Do you Remember Syser Debugger ? 😉 1430 230320 ➖implement FPU reg "%1.7e" ➖ implement XMM 8/16 reg by dword x 4 ➖ fix instr info for qword data ➖ fix all disassm in uppercase ➖ fix debugger leak handle ➖ revert fix for detached process ➖ fix debugger handle unload dll 🌐 Project Link @securebyte

#Github #Internal Another Repo with more details about Windows System Call Tables. 🌐 Project Link @securebyte

#Misc #ReverseEngineeing #macOS This corner dedicated to reverse engineering, malware, rootkits, and security. Content is mostly dedicated to Mac OS X and also iOS. 🌐 Website @securebyte

#Github #Internal Windows System Call Tables (NT/2000/XP/2003/Vista/2008/7/2012/8/10) (win32k.sys). The interface between a process and an operating system is provided by system calls. In general, system calls are available as assembly language instructions. They are also included in the manuals used by the assembly level programmers. 🌐 Project Link @securebyte

#Article #ReverseEngineering 📗iOS Security Analysis with MobSF ➖Netguru Recently, our iOS security team was looking for a security analysis tool and we tested MobSF as one of our solutions. MobSF is a tool recommended by OWASP in its Mobile Security Testing Guide. 🌐 Article Link @securebyte

#Article #ReverseEngineering 📗Windows Process Injection in 2019 - BlackHat USA-19 ➖Amit Klein, Itzik Kotler Process injection in Windows appears to be a well-researched topic, with many techniques now known and implemented to inject from one process to the other. Process injection is used by malware to gain more stealth (e.g. run malicious logic in a legitimate process) and to bypass security products (e.g. AV, DLP and personal firewall solutions) by injecting code that performs sensitive operations (e.g. network access) to a process which is privileged to do so. 🌐 Article Link @securebyte

با عرض سلام به تمامی دوستان و همراهان عزیزمان خوشحالیم که یک سال دیگر را در کنار هم سپری کردیم. در سال جدید آرزرو میکنیم که زندگی مردم سرزمینمان توأم با سلامتی و آرامش باشد. آمدن بهار و فرا رسیدن نوروز 1399 بر همه ی شما همراهان گرامی تبریک و شاد باش. تیم امنیت نرم افزار بایت امن

#Github #MalwareAnalysis Cuckoo VM for Malware Analysis By binaryzone Things you need: 1. The VM from here. 2. Username: user1 & Password: forensics 3. Add a Windows ISO to your Cuckoo VM 4. Submit a sample and get some results… @securebyte

#Github #MalwareAnalysis Cuckoo VM for Malware Analysis By binaryzone If you do not want to put some time in installing your own Cuckoo Sandbox for different reasons, then you could just download the Virtual Machine (VM) that I have prepared. What I’ve done is get Cuckoo to run in a VM, so you might be asking what does that mean? Well, it means that first Cuckoo is running in a VM and second that Cuckoo will be running its analysis within another VM. Yes, a VM in another VM or what is technically called “Nested Virtualization“. I used VMWare for my VM, but since I’ve exported it to OVA, then you should be good to just import and run. 🌐 More info and download @securebyte

#Article #Exploit 📗Binary Exploitation: Format String Vulnerabilities series ➖By : Vickie Li Welcome to the binary exploitation series! In the coming posts, we are going to explore concepts and tricks used in binary exploitation. I hope you’re as excited as I am! 🌐 Article Link @securebyte

#Course #MalwareAnalysis 📗Introduction to Malware Analysis and Reverse Engineering (2017-2018-2020) University of Cincinnati. ➖Week 01: Introduction to VirtualBox and Lab VMs ➖Week 02: Intro to malware taxonomy / building a basic attack ➖Week 03: Deconstruct attack with static analysis ➖Week 04: x86 disassembly and analysis ➖Week 05: Dynamic analysis, networking, Immunity Intro ➖Week 06: Immunity Debugger analysis workflows ➖Week 07: Mid-Term Project week #1, no class ➖Week 08: Run-time analysis with debugger / inetsim / etc. ➖Week 09: Identification with Yara and other tools ➖Week 10: Spring break - NO CLASS ➖Week 11: Using ELK to analyze behavioral logs ➖Week 12: Java & SWF malware analysis ➖Week 13: Android Malware analysis tools, setup ➖Week 14: Android malware static analysis ➖Week 15: Android malware live analysis ➖Week 16: Finals week - Final project 🌐 https://class.malware.re/ @securebyte

#Article #ReverseEngineering #Android 📗How to start Reverse Engineering on Android Application Series (6 Parts) ➖By: Ankit Mishra 🌐 Part 1 - More Parts, Exist in Author's Profile @securebyte

#Article #ReverseEngineering #Android 📗Android App Reverse Engineering 101 ➖This workshop will be wholly based on reverse engineering through static analysis, or analyzing and understanding an application by examining its code. Table of Contents ➖Introduction ➖Android Application Fundamentals ➖Getting Started with Reversing Android Apps ➖Reverse Engineering Android Apps - DEX Bytecode ➖Reverse Engineering Android Apps - Native Libraries ➖Reverse Engineering Android Apps - Obfuscation ➖Conclusion 🌐 Workshop Link @SecureByte

#eBook #Security 📗Web Application Security: Exploitation and Countermeasures for Modern Web Applications ➖Format : EPUB ➖By: Andrew Hoffman ➖Pages: 330 ➖Publisher: O'Reilly ➖Pub Date: 2020 ➖ISBN : 978-1492053118 @securebyte