Archive for the ‘Disassembly’ Category

FSExploitMe and Exploit-Exercises

March 17, 2015

If you are interested in learning about ActiveX exploitation, security researcher/consultant/professor Brad Antoniewicz has created FSExploitMe for just that purpose.

You’ll want a copy of Internet Explorer 8 to get the most out of it, but fortunately you can get a VM running IE8 for *free* from Microsoft.

And if you are interested in getting deeper into Linux exploitation, exploit-exercises.com has pre-built VMs with capture-the-flag style levels, ranging from beginner to expert, designed to teach:

[…]about a variety of computer security issues such as privilege escalation, vulnerability analysis, exploit development, debugging, reverse engineering, and general cyber security issues.

Categories: Disassembly, Linux, Tech, Windows

x64_dbg — a powerful open-source 32- and 64-bit debugger for Windows

July 27, 2014

x64_dbg is a very powerful open-source 32- and 64-bit assembler/debugger for Windows. The UI is reminiscent of OllyDbg, with some additions that are clearly inspired by IDA Pro.

I’m looking forward to using this tool in place of OllyDbg, especially for 64-bit related RE tasks.

Categories: Disassembly, Tech, Windows

Free Online CTF and Penetration Testing Course

June 14, 2014

Trail of Bits is offering a free online CTF and penetration testing course, with lots of great material from a well-respected organization.


Debugger Detection in Windows

March 15, 2014

Some thorough documentation on anti-debugging techniques in Windows:
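
The checks that documentation of this kind covers, as an added example that is not from the original post or the linked documentation: on Windows the program reads the PEB directly (BeingDebugged at offset 2, and the heap-checking bits in NtGlobalFlag, whose offsets below are assumptions tied to the standard x86/x64 PEB layout) and also calls IsDebuggerPresent(); so the same program can be compiled and exercised off Windows, it falls back to the Linux analogue, the TracerPid field of /proc/self/status. The function names are mine, and the parser is separated from the live check so it can be tested on constructed input.

```c
/* Added example (not the post's or the linked documentation's code).
 * Classic user-mode debugger checks: PEB->BeingDebugged, PEB->NtGlobalFlag
 * and IsDebuggerPresent() on Windows; TracerPid from /proc/self/status on
 * Linux. PEB offsets are assumptions for the standard x86/x64 layouts. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Pure parser: given the text of /proc/<pid>/status, return the TracerPid
 * value (0 when nobody is tracing), or -1 if the field is missing. Kept
 * separate from the live check so it can be tested without a debugger. */
int tracer_pid_from_status(const char *status_text) {
    const char *line = status_text;
    while (line && *line) {
        if (strncmp(line, "TracerPid:", 10) == 0)
            return (int)strtol(line + 10, NULL, 10); /* strtol skips the tab */
        line = strchr(line, '\n');
        if (line) line++;
    }
    return -1;
}

#ifdef _WIN32
#include <windows.h>
#include <intrin.h>

/* The PEB pointer sits at TEB+0x60 on x64 and TEB+0x30 on x86; the TEB is
 * reached through the GS (x64) / FS (x86) segment base. */
static const unsigned char *peb_base(void) {
#ifdef _WIN64
    return (const unsigned char *)__readgsqword(0x60);
#else
    return (const unsigned char *)__readfsdword(0x30);
#endif
}

/* PEB+2 is the byte IsDebuggerPresent() itself returns. Trivial to zero from
 * a debugger, which is exactly why RE notes list where it lives. */
int peb_being_debugged(void) { return peb_base()[2] != 0; }

/* NtGlobalFlag (PEB+0xBC on x64, PEB+0x68 on x86) gets the heap-checking
 * flags FLG_HEAP_ENABLE_TAIL_CHECK | FLG_HEAP_ENABLE_FREE_CHECK |
 * FLG_HEAP_VALIDATE_PARAMETERS (0x70) when the process was *started* under a
 * debugger; attaching to a running process does not set them. */
int peb_ntglobalflag_debug(void) {
#ifdef _WIN64
    unsigned long flag = *(const unsigned long *)(peb_base() + 0xBC);
#else
    unsigned long flag = *(const unsigned long *)(peb_base() + 0x68);
#endif
    return (flag & 0x70) == 0x70;
}

int debugger_present(void) {
    return IsDebuggerPresent() || peb_being_debugged() || peb_ntglobalflag_debug();
}
#else
/* Linux analogue: the kernel reports the tracer's PID in /proc/self/status,
 * so ptrace-based debuggers (gdb, strace) show up as a non-zero TracerPid. */
int debugger_present(void) {
    FILE *f = fopen("/proc/self/status", "r");
    if (!f) return 0;
    char buf[4096];
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    return tracer_pid_from_status(buf) > 0;
}
#endif

int main(void) {
    printf("debugger present: %s\n", debugger_present() ? "yes" : "no");
    return 0;
}
```

Run it once normally and once under a debugger (gdb or strace on Linux, x64_dbg on Windows) to see the answer flip; then, as the RE exercise, locate the check in the disassembly and defeat it by patching the PEB byte or the compare, which is what the documentation is ultimately preparing you for.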

Categories: Disassembly, Programming, Tech

injdmp: dumping injected processes and dumping process memory that is marked as RWX

January 24, 2014

This is awesome.

http://hooked-on-mnemonics.blogspot.com/p/injdmp.html

injdmp is a tool for dumping injected processes and dumping process memory that is marked as RWX. The tool can detect most malware that uses process injection. As of this writing it can dump processes related to Zeus/Citadel, Cridex, Ramnit, Poison Ivy and a number of other families of malware.

Categories: Disassembly, Tech, Windows

[link] Layman’s Guide to Integrated Circuit RE

January 15, 2014

Great website.

The Layman’s Guide to IC Reverse Engineering has been created to teach you the very basics of what it takes to reverse engineer integrated circuits. Not too much particular focus is given to the physics and math, just the bare essentials for a layman to turn images into logic. And chips into images. Kudos to academia, security researchers, and chip enthusiasts from around the world for all their papers and presentations that this effort draws inspiration from.

Categories: Disassembly, Tech

[link] “iOS Assembly Tutorial: Understanding ARM”

January 8, 2014

Here’s a very well-written post by Matt Galloway, this one on ARM assembly.

When you write Objective-C code, it eventually turns into machine code – the raw 1s and 0s that the ARM CPU understands. In between Objective-C code and machine code, though, is the still human-readable assembly language.

Understanding assembly gives you insight into your code for debugging and optimizing, helps you decipher the Objective-C runtime, and also satisfies that inner nerd curiosity.

In this iOS assembly tutorial, you’ll learn:

  • What assembly is – and why you should care about it.
  • How to read assembly – in particular, the assembly generated for Objective-C methods.
  • How to use the assembly view while debugging – useful to see what is going on and why a bug or crash has occurred.
Categories: Apple, Disassembly, Tech