This Week in Security News: IoT Threats and Risks

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the threats and risks to complex IoT environments. Also, learn about new security challenges and risks the food production...

Ghidra - Software Reverse Engineering Framework

Ghidra is a software reverse engineering SRE framework created and maintained by the National Security Agency Research Directorate. This framework includes a suite of full-featured, high-end software analysis tools that enable users to analyze compiled code on a variety of platforms including...

Download NSA’s reverse engineering tool GHIDRA

By Waqas Recently we informed that the National Security Agency's NSA plans to release GHIDRA, the famous reverse engineering tool in March. As per latest reports, the NSA has released GHIDRA and the open-source world can now use it easily. This is quite unlike the other cybersecurity tools so fa...

Bincat - Binary Code Static Analyser, With IDA Integration

BinCAT is a static Binary Code Analysis Toolkit, designed to help reverse engineers, directly from IDA. It features: value analysis registers and memory taint analysis type reconstruction and propagation backward and forward analysis use-after-free and double-free detection In action You can chec...

Hacking the GCHQ Backdoor

Last week, I evaluated the security of a recent GCHQ backdoor proposal for communications systems. Furthering the debate, Nate Cardozo and Seth Schoen of EFF explain how this sort of backdoor can be detected: In fact, we think when the ghost feature is active­ -- silently inserting a secret...

dnSpy - .NET Debugger And Assembly Editor

dnSpy is a debugger and .NET assembly editor. You can use it to edit and debug assemblies even if you don't have any source code available. Want to say thanks? Click the star at the top of the page. Or fork dnSpy and send a PR! The following pictures show dnSpy in action. It shows dnSpy editing a...

[SECURITY] Fedora 29 Update: radare2-3.2.0-1.fc29

The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...

[SECURITY] Fedora 28 Update: radare2-3.2.0-1.fc28

The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...

Dynamic Data Resolver (DDR) - IDA Plugin

This blog post was authored by Holger Unterbrink Executive Summary Static reverse-engineering in IDA can often be problematic. Certain values are calculated at run time, which makes it difficult to understand what a certain basic block is doing. But, if you try to perform dynamic analysis by...

NSA to release free reverse engineering tool GHIDRA at RSAConference

By Waqas WikiLeaks Fame Reverse Engineering Tool GHIDRA to be Released in March. GHIDRA is a reverse engineering tool developed by the United States’ National Security Agency NSA. According to reports, this framework will be released in March at the RSAConference. This is the same reverse...

NSA to release its GHIDRA reverse engineering tool for free

The United States' National Security Agency NSA is planning to release its internally developed reverse engineering tool for free at the upcoming RSA security conference 2019 that will be held in March in San Francisco. The existence of the framework, dubbed GHIDRA, was first publicly revealed by...

NSA to release its GHIDRA reverse engineering tool for free

The United States' National Security Agency NSA is planning to release its internally developed reverse engineering tool for free at the upcoming RSA security conference 2019 that will be held in March in San Francisco. The existence of the framework, dubbed GHIDRA, was first publicly revealed by...

Oracle Weblogic Server Deserialization RCE - RMI UnicastRef

An unauthenticated attacker with network access to the Oracle Weblogic Server T3 interface can send a serialized object sun.rmi.server.UnicastRef to the interface to execute code on vulnerable hosts. This module requires Metasploit: https://metasploit.com/download Current source:...

Oracle Weblogic Server Deserialization RCE - MarshalledObject

An unauthenticated attacker with network access to the Oracle Weblogic Server T3 interface can send a serialized object weblogic.corba.utils.MarshalledObject to the interface to execute code on vulnerable hosts. This module requires Metasploit: https://metasploit.com/download Current source:...

FLARE Script Series: Automating Objective-C Code Analysis with Emulation

This blog post is the next episode in the FireEye Labs Advanced Reverse Engineering FLARE team Script Series. Today, we are sharing a new IDAPython library – flare-emu – powered by IDA Pro and the Unicorn emulation framework that provides scriptable emulation features for the x86, x8664, ARM, and...

FLARE Script Series: Automating Objective-C Code Analysis with Emulation

This blog post is the next episode in the FireEye Labs Advanced Reverse Engineering FLARE team Script Series. Today, we are sharing a new IDAPython library – flare-emu – powered by IDA Pro and the Unicorn emulation framework that provides scriptable emulation features for the x86, x8664, ARM, and...

Radare2 - Unix-Like Reverse Engineering Framework And Commandline Tools Security

r2 is a rewrite from scratch of radare in order to provide a set of libraries and tools to work with binary files. Radare project started as a forensics tool, a scriptable command-line hexadecimal editor able to open disk files, but later added support for analyzing binaries, disassembling code,...

Adobe Flash Zero-Day Leveraged Via Office Docs in Campaign

An Adobe Flash Player zero-day exploit has been spotted in the wild as part of a widespread campaign, researchers said on Wednesday. Adobe has just issued a patch for the previously unknown critical flaw. The vulnerability, CVE-2018-15982, is a use-after-free flaw enabling arbitrary code executio...

Triton - Dynamic Binary Analysis (DBA) Framework

Triton is a dynamic binary analysis DBA framework. It provides internal components like a Dynamic Symbolic Execution DSE engine, a Taint engine, AST representations of the x86 and the x86-64 instructions set semantics, SMT simplification passes, an SMT Solver Interface and, the last but not least...

Miasm - Reverse Engineering Framework In Python

Miasm is a free and open source GPLv2 reverse engineering framework. Miasm aims to analyze / modify / generate binary programs. Here is a non exhaustive list of features: Opening / modifying / generating PE / ELF 32 / 64 LE / BE using Elfesteem Assembling / Disassembling X86 / ARM / MIPS / SH4 /...