Lucene search

212 matches found

CNNVD
added 2022/05/10 12:0 a.m., 2 views

radare2 code issue vulnerability

Radare2 is a set of libraries and tools for working with binary files. A denial of service vulnerability exists in Radare2 versions prior to 5.7.0, which stems from a null pointer dereference in libr/bin/format/mach0/mach0.c. The vulnerability can be exploited to cause a denial of service. An...

7.6 CVSS, 6.6 AI score, 0.00666 EPSS
Exploits 1, References 3

Kitploit
added 2022/04/12 9:30 p.m., 23 views

Maat - Open-source Symbolic Execution Framework

Maat is an open-source Dynamic Symbolic Execution and Binary Analysis framework. It provides various functionalities such as symbolic execution, taint analysis, constraint solving, binary loading, environment simulation, and leverages Ghidra's sleigh library for assembly lifting: https://maat.re...

7.5 AI score
Exploits 0, References 4

CNNVD
added 2022/04/11 12:0 a.m., 2 views

radare2 buffer error vulnerability

Radare2 is a set of libraries and tools for working with binary files. A buffer overflow vulnerability exists in versions of Radare2 prior to 5.6.8, which stems from an out-of-bounds read in the r_bin_ne_get_entrypoints function. An attacker could exploit this vulnerability to read sensitive...

9.1 CVSS, 6 AI score, 0.0083 EPSS
Exploits 1, References 3

GithubExploit
added 2021/11/15 2:48 p.m., 65 views

Exploit for Command Injection in Tp-Link Tapo_C200_Firmware

CVE-2021-4045 CVE-2021-4045 is a Command Injection vulnerabil...

10 CVSS, 10 AI score, 0.73029 EPSS
Exploits 10

Kitploit
added 2021/11/02 11:30 a.m., 10 views

aDLL - Adventure of Dinamic Link Library

aDLL is a binary analysis tool focused on the automatic discovery of DLL Hijacking vulnerabilities. The tool analyzes the image of the binary loaded in memory to search for DLLs loaded at load-time and makes use of the Microsoft Detours library to intercept calls to the LoadLibrary/LoadLibraryEx...

6.5 AI score
Exploits 0, References 2

Gitee
added 2021/09/27 11:2 p.m., 4 views

ctf

It is an offensive tool for reverse engineering. The repository contains a binary decompiler for a "Magic Word" challenge, which appears to be a reverse engineering exercise. The code is written in C++ and utilizes the basic_string class from the C++ Standard Library. The decompiled main function ...

7.1 AI score
Exploits 0

Kitploit
added 2021/05/30 9:30 p.m., 342 views

Kaiju - A Binary Analysis Framework Extension For The Ghidra Software Reverse Engineering Suite

CERT Kaiju is a collection of binary analysis tools for Ghidra. This is a Ghidra/Java implementation of some features of the CERT Pharos Binary Analysis Framework, particularly the function hashing and malware analysis tools, but is expected to grow new tools and capabilities over time. As this i...

6.6 AI score
Exploits 0, References 4

Akamai Blog
added 2021/05/24 4:0 a.m., 17 views

Romanian Crypto Mining Infection

While examining my honeypot logs and digging through the newly downloaded binaries last week, I noticed a large compressed file. I figured it would be a crypto miner, typically a tar archive and gzip normally erroneously compressed. I moved the archive over to my test lab and started examining th...

1.3 AI score
Exploits 0

Gitee
added 2021/03/07 7:11 p.m., 3 views

Software-Security-Learning

It is an offensive tool for binary exploitation. The primary CVE ID is not explicitly mentioned, but the repository contains information on various software security topics, including binary exploitation. The target product/service or framework is not specified, but the repository includes tools...

7.2 AI score
Exploits 0

Gitee
added 2021/02/22 11:14 p.m., 5 views

uafuzz

This is an offensive tool for Binary Analysis. The repository, cherrywb/uafuzz, is a directed fuzzer dedicated to Use-After-Free (UAF) bugs at the binary level. It aims to detect UAF bugs, which appear when a heap element is used after having been freed. The tool uses a combination of static...

7.7 AI score
Exploits 0

Kitploit
added 2020/12/25 8:30 p.m., 73 views

Aura - Python Source Code Auditing And Static Analysis On A Large Scale

Aura is a static analysis framework developed as a response to the ever-increasing threat of malicious packages and vulnerable code published on PyPI. Project goals: provide an automated monitoring system over uploaded packages to PyPI, alert on anomalies that can either indicate an ongoing attac...

7 AI score
Exploits 0, References 2

Kitploit
added 2020/12/20 8:30 p.m., 50 views

Sploit - Go Package That Aids In Binary Analysis And Exploitation

Sploit is a Go package that aids in binary analysis and exploitation. The motivating factor behind the development of sploit is to be able to have a well designed API with functionality that rivals some of the more common Python exploit development frameworks while taking advantage of the Go...

7.7 AI score
Exploits 0, References 1

Carbon Black Blog
added 2020/06/15 3:29 p.m., 46 views

TAU Threat Analysis: Relations to Hakbit Ransomware

See part one of TAU's Hakbit Ransomware analysis here. Many blue team defenders out there will attest to the fact that ransomware is on the rise, and that ransomware doesn’t appear to be going away any time soon. Ransomware is only one of the numerous types of commodity-based emerging threats whi...

6.6 AI score
Exploits 0

Gitee
added 2020/03/17 1:49 p.m., 24 views

Exploit for Use After Free in Microsoft

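sectoolset -- A collection of GitHub security-related tools. Main contents: 0x00 Exploitation practice & CTF security competitions 0x01 Security scanners 0x02 Security defense 0x03 Penetration testing 0x04 Vulnerability databases and exploitation tools (POC, EXP) 0x05 Binary and code analysis tools 0x06 Threat intelligence & honeypots 0x07 Security documentation 0x11 All contents WooYun mirror WooYun mirror WooYun mirror, harmonized (censored) Recent security hot topics: Facebook again exposed for leaking the private data of hundreds of millions of users; CVE-2019-14378 QEMU VM Escape critical vulnerability, affecting KVM and other virtualization platforms that use QEMU as a backend; CVE-2019-10173 Xstream remote code execution vulnerability...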

10 CVSS, 9.1 AI score, 0.99999 EPSS
Exploits 157

Kitploit
added 2019/12/01 9:1 p.m., 76 views

Goblin - An Impish, Cross-Platform Binary Parsing Crate, Written In Rust

Documentation https://docs.rs/goblin/ changelog Usage Goblin requires rustc 1.31.1. Add to your Cargo.toml dependencies goblin = "0.1" Features awesome crate name zero-copy, cross-platform, endian-aware, ELF64/32 implementation - wow! zero-copy, cross-platform, endian-aware, 32/64 bit Mach-o pars...

7 AI score
Exploits 0, References 41

FireEye
added 2019/11/25 8:0 p.m., 15 views

FIDL: FLARE’s IDA Decompiler Library

IDA Pro and the Hex Rays decompiler are a core part of any toolkit for reverse engineering and vulnerability research. In a previous blog post we discussed how the Hex-Rays API can be used to solve small, well-defined problems commonly seen as part of malware analysis. Having access to a...

6.7 AI score
Exploits 0, References 2

FireEye
added 2019/10/17 3:30 p.m., 15 views

Definitive Dossier of Devilish Debug Details – Part Deux: A Didactic Deep Dive into Data Driven Deductions

In Part One of this blog series, Steve Miller outlined what PDB paths are, how they appear in malware, how we use them to detect malicious files, and how we sometimes use them to make associations about groups and actors. As Steve continued his research into PDB paths, we became interested in...

6.4 AI score
Exploits 0, References 11

Kitploit
added 2019/10/06 12:0 p.m., 114 views

B2R2 - Collection Of Useful Algorithms, Functions, And Tools For Binary Analysis

B2R2 is a collection of useful algorithms, functions, and tools for binary analysis, written purely in F# (in .NET lingo, it is purely managed code). B2R2 has been named after R2-D2, a famous fictional robot appeared in the Star Wars. In fact, B2R2's original name was B2-R2, but we decided to use...

7 AI score
Exploits 0, References 5

Kitploit
added 2019/09/25 8:47 p.m., 183 views

Flare-Emu - Powered by IDA Pro and the Unicorn emulation framework that provides scriptable emulation features for the x86, x86_64, ARM, and ARM64 architectures to reverse engineers

flare-emu marries IDA Pro’s binary analysis capabilities with Unicorn’s emulation framework to provide the user with an easy to use and flexible interface for scripting emulation tasks. It is designed to handle all the housekeeping of setting up a flexible and robust emulator for its supported...

6.5 AI score
Exploits 0, References 2

Kitploit
added 2019/09/11 12:0 p.m., 136 views

Metame - Metame Is A Metamorphic Code Engine For Arbitrary Executables

metame is a simple metamorphic code engine for arbitrary executables. From Wikipedia: Metamorphic code is code that when run outputs a logically equivalent version of its own code under some interpretation. This is used by computer viruses to avoid the pattern recognition of anti-virus software...

7.6 AI score
Exploits 0, References 1