
789 matches found

n0where
added 2016/06/27 3:3 a.m., 20 views

GDB Front End: PINCE

GDB Front End: PINCE is not Cheat Engine PINCE is a front-end/reverse engineering tool for the GNU Project Debugger GDB, focused on games. But it can be used for any reverse-engineering related stuff. PINCE is an abbreviation for “PINCE is not Cheat Engine”. PINCE’s GUI is heavily “inspired;D” by...

7.7 AI score
Exploits: 0, References: 3

n0where
added 2016/05/25 2:29 p.m., 81 views

Reverse Engineering Cross Platform Disassembler: Panopticon

Reverse Engineering Cross Platform Disassembler Panopticon is a disassembler that understands the semantics of opcodes. This way it’s able to help the user by discovering and displaying invariants that would have to be discovered “by hand” in traditional disassemblers. This allows an interactive...

0.1 AI score
Exploits: 0, References: 6

ThreatPost
added 2016/05/11 8:24 a.m., 29 views

Facebook Capture The Flag Platform Open Source

If you’ve been to DEF CON or any number of other technical hacker conferences, you’re familiar with Capture the Flag contests. These events pit teams of hackers and researchers against each other in a series of challenges until a winner is determined. Capture the Flag is also a valuable teaching...

Exploits: 0, References: 5

ThreatPost
added 2016/03/21 4:56 p.m., 14 views

BinDiff Now Free, To Delight of Security Researchers

BinDiff is a constant presence inside a security researcher’s toolbox, ideal for patch and malware analysis or reverse engineering of code. The Google-owned software allows researchers to conduct side-by-side comparisons of binary files in disassembled code looking for differences in the samples...

0.5 AI score
Exploits: 0, References: 2

n0where
added 2016/03/21 4:3 a.m., 44 views

Binary Analysis IDE: BinDiff

BinDiff is a comparison tool for binary files that helps to quickly find differences and similarities in disassembled code. It is used by security researchers and engineers across the globe to identify and isolate fixes for vulnerabilities in vendor-supplied patches and to analyze multiple versio...

0.6 AI score
Exploits: 0, References: 1

Kitploit
added 2016/03/18 10:31 p.m., 314 views

CTF-Tools - Some setup scripts for security research tools

This is a collection of setup scripts to create an install of various security research tools. Of course, this isn't a hard problem, but it's really nice to have them in one place that's easily deployable to new machines and so forth. Installers for the following tools are included: Category | To...

8.5 AI score
Exploits: 0, References: 36

FireEye
added 2016/03/09 11:0 a.m., 124 views

Lessons from Operation RussianDoll

As defensive security controls raise the bar to attack, attackers will employ increasingly sophisticated techniques to complete their mission. Understanding the mechanics and impact of these threats is essential to systematically discover and deflect the coming wave of advanced attacks. Mandiant...

7.2 CVSS, 1.2 AI score, 0.90429 EPSS
Exploits: 38

myhack58
added 2016/03/06 12:0 a.m., 12 views

3 6 0 the end of the tour the ultimate firepower“stealth”,“the spike”, etc. vulnerability analysis-vulnerability warning-the black bar safety net

0x01 introduction Before sent over a patch a generic D3D game buck perspective plug-in, a buddy because the stock Duvet cover, with a plug-in to play the ultimate firepower of boredom, a do nothing level is too dishes light has a perspective or abused, please I helped him the whole point of the...

Exploits: 0

FireEye
added 2016/02/09 7:0 a.m., 27 views

FLARE Script Series: flare-dbg Plug-ins

Introduction This post continues the FireEye Labs Advanced Reverse Engineering FLARE script series. In this post, we continue to discuss the flare-dbg project. If you haven’t read my first post on using flare-dbg to automate string decoding, be sure to check it out! We created the flare-dbg Pytho...

7.8 AI score
Exploits: 0

Kitploit
added 2016/02/03 9:42 p.m., 279 views

AndroL4b - A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

AndroL4b is an android security virtual machine based on ubuntu Mate includes the collection of latest framework, tutorials and labs from different security geeks and researcher for reverse engineering and malware analysis. Tools APKStudio Cross-platform Qt5 based IDE for reverse-engineering...

7.5 AI score
Exploits: 0, References: 10

n0where
added 2016/01/15 4:7 p.m., 63 views

RPISEC: Malware Analysis

This material was developed and used by RPISEC to teach Malware Analysis at Rensselaer Polytechnic Institute in Fall 2015. This was a university course developed and run solely by students, primarily using the Practical Malware Analysis book by Michael Sikorski and Andrew Honig, to teach skills i...

1.8 AI score
Exploits: 0, References: 1

FireEye
added 2015/12/28 9:1 a.m., 43 views

FLARE Script Series: Automating Obfuscated String Decoding

Introduction We are expanding our script series beyond IDA Pro. This post extends the FireEye Labs Advanced Reverse Engineering FLARE script series to an invaluable tool for the reverse engineer – the debugger. Just like IDA Pro, debuggers have scripting interfaces. For example, OllyDbg uses an...

6.5 AI score
Exploits: 0

n0where
added 2015/11/13 12:27 a.m., 245 views

Volatile Memory Extraction: The Volatility Framework

The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory RAM samples. The extraction techniques are performed completely independent of the system being investigated...

6.5 AI score
Exploits: 0, References: 4

myhack58
added 2015/10/21 12:0 a.m., 25 views

ROOT tools to exploit open“doors”-the vulnerability warning-the black bar safety net

Even when all information is disclosed, the Android Root Application Developer or the presence of the unknown side. ROOT for exploit the open door The latest study found that by promoting strong Root to use the program, one of the few application distributors are millions of Android user is place...

1.4 AI score
Exploits: 0

CNVD
added 2015/10/14 12:0 a.m., 1 views

EMC SourceOne Email Supervisor Hard-Coded Password Vulnerability

EMC SourceOne Email Supervisor is an email and IM content monitoring and management solution. EMC SourceOne Email Supervisor suffers from a reverse engineering vulnerability in its implementation. An attacker could exploit this vulnerability to take control of an affected system via a hard-coded...

6.8 CVSS, 6.9 AI score, 0.0018 EPSS
Exploits: 0, References: 1

ThreatPost
added 2015/09/14 1:44 p.m., 10 views

DARPA Protecting Software From Reverse Engineering Through Obfuscation

Researchers with a DARPA-led team are looking into new ways to combat reverse engineering by using obfuscation to tidy up shoddy commercial and government security. Researchers with the unit, dubbed the SafeWare program, are hoping to develop new methods, bolstered by encryption, to obscure...

0.4 AI score
Exploits: 0, References: 5

seebug.org
added 2015/09/14 12:0 a.m., 37 views

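PageAdmin v3.0 /e/database/v3.mdb database leak

PageAdmin CMS V3.0: the default database path is "/e/database/v3.mdb" and the default admin login path is "/e/master/login.aspx". Because access to the database path is not restricted, the database can be downloaded. By reversing the administrator MD5 encryption algorithm, the MD5 ciphertext is obtained, and the administrator password can be cracked from the MD5 ciphertext. A non-standard MD5 encryption was found, so ILSPY was used to reverse the source code and inspect the encryption method: public string GetMd5string s MD5 mD = new MD5CryptoServiceProvider; Encoding encoding = Encoding.GetEncoding"UTF-8"; string s2 =...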

7.1 AI score
Exploits: 0

ThreatPost
added 2015/08/24 3:33 p.m., 10 views

Vulnerabilities Identified in Dolphin, Mercury Android Browsers

Vulnerabilities exist in two fairly popular alternative browsers for Android – Dolphin and Mercury — that depending on the browser could result in either remote code execution or arbitrary read/write access. Mobile security researcher Benjamin Watson, who blogs under the guise of Rotlogix...

1.3 AI score
Exploits: 0, References: 2

myhack58
added 2015/08/19 12:0 a.m., 18 views

A serious Wordpress 0 day exploit reverse engineering analysis-vulnerability warning-the black bar safety net

In just the past weekend,I got from my modsecurity logs found an interesting warning,logging a submit to my Wordpress site with one network request. Although this request did not succeed,but I decided to be an in-depth study,and trying to figure out this request information in the end is what,it...

0.1 AI score
Exploits: 0

ThreatPost
added 2015/08/11 2:43 p.m., 8 views

Oracle CSO: You 'Must Not Reverse Engineer Our Code'

UPDATE–Oracle, never the most researcher-friendly software vendor, has taken its antagonism to another level after publishing a blog post by CSO Mary Ann Davidson that rails against reverse engineering and saying that the company has no need for researchers to look at Oracle’s code for...

7.2 AI score
Exploits: 0, References: 1