Karta - Source Code Assisted Fast Binary Matching Plugin For IDA

"Karta" Russian for "Map" is an IDA Python plugin that identifies and matches open-sourced libraries in a given binary. The plugin uses a unique technique that enables it to support huge binaries 200,000 functions, with almost no impact on the overall performance. The matching algorithm is...

MemITM - Tool To Make In Memory Man In The Middle

The MemITM Mem In The Middle tool has been developped in order to easily intercept "messages" in Windows processes memory. We developped a lot of custom memory interception tools in order to capture network messages before encryption, or IPC messages, and to be able to inspect them or alter them ...

Memory Man in the Middle: MemITM

The MemITM Mem In The Middle tool has been developed in order to easily intercept “messages” in Windows processes memory. We developed a lot of custom memory interception tools in order to capture network messages before encryption, or IPC messages, and to be able to inspect them or alter them to...

TPLINK TLWR740N路由器远程代码执行漏洞(CVE-2017-13772)

INTRODUCTION In October of 2017 we disclosed multiple vulnerabilities in TP-Link’s WR940n router that occurred due to multiple code paths calling strcpy on user controllable unsanitised input CVE-2017-13772 The httpd binary responsible for these vulnerabilities contained patterns of code that...

Malware monitor - leveraging PyREBox for malware analysis

This post was authored by Xabier Ugarte Pedrero In July 2017 we released PyREBox, a Python Scriptable Reverse Engineering Sandbox as an open source tool. This project is part of our continuous effort to create new tools to improve our workflows. PyREBox is a versatile instrumentation framework...