Are you bored of mangled C++ names in IDAPro? Change it with this quick tip.
This one and much more have been covered during recent IDATraining by twitter.com/HexRaysSA
Learn how to emulate, trace, debug, and reverse engineer UEFI modules in part 2 of a new blog series on firmware security
https://s1.ai/uefi2
Moving From Manual Reverse Engineering of UEFI Modules To Dynamic Emulation of UEFI Firmware - SentinelLabs
ICEID PNG PAYLOAD SHELLCODE EXTRACTOR
https://github.com/tccontre/KnowledgeBase/tree/main/malware_re_tools/iceid_stego_shell_decryptor
Collection of tips, tools, arsenal and techniques I've learned during RE and other CyberSecStuff - tccontre/KnowledgeBase
integer overflow
https://github.com/videolan/vlc/blob/41541125de479fdff0ed0dcd73a6bbc64e598727/modules/demux/avi/avi.c
Igor’s tip of the week #24: Renaming registers
https://www.hex-rays.com/blog/igors-tip-of-the-week-24-renaming-registers/
Full IDB for FlawedGrace (and for its 64-bit stealer module): https://www.msreverseengineering.com/blog/2021/3/2/an-exhaustively-analyzed-idb-for-flawedgrace
This blog entry announces the release of an exhaustive analysis of FlawedGrace. You can find the IDB for the main executable, and for the 64-bit password stealer module, here. The sha1sum for the main executable is 9bb72ae1dc6c49806064992e0850dc8cb02571ed…
D810: Creating an extensible deobfuscation plugin for IDA Pro
https://eshard.com/posts/d810_blog_post_1/
D-810 is an IDA Pro plugin which can be used to deobfuscate code at decompilation time by modifying IDA Pro microcode.
https://gitlab.com/eshard/d810
Get the best practices to make full use of #IDA's user directory:
https://www.hex-rays.com/blog/igors-tip-of-the-week-33-idas-user-directory-idausr/
Hey folks! We’ve launched IDApro bot! Password: 311138
Enjoy!
IDA Pro 7.7 SP1 (x86, x64, ARM64) + TOOLS
https://t.me/idaprobot?start=B1Pm9xvhc5elTADnwo8IdQFOJLqYS7y2GX
Kudos to Boris Larin for his plugin that helps IDA Pro to disassemble PlayStation 2 COP2 MIPS instructions
https://github.com/oct0xor/ida-emotionengine