Write your own packer/protector
[+] How to write packer for windows
[+] Create a packer by frank2
[+] write packer with python and how it loads
[+] Writing a Packer From Scratch in Nim
[+] Writing a simple self-injecting packer
[+] Developing PE file packer step-by-step. Step 1-...
-Curated list executable packing
-Unveiling custom Packer
https://t.me/Source_byte
#packer #reverse
8.3.7z
852.4 MB
IDA Pro Version 8.3 (with tools, sdk + keygen for x86_x64, ARM, ARM64, PPC, PPC64, and MIPS decompilers! )
#ida
#reverse
Assembly for Hackers from Reza Rashidi
https://redteamrecipe.com/assembly-for-hackers
#assembly
#reverse
Table of contents
Syntax
Comments
Assembly Language Statements
Syntax of Assembly Language Statements
Example: Hello World Program in Assembly
Compiling and Linking
Sections
Processor Registers
System Calls
Strings
String Instructions
Repetition Prefixes
Numbers
BCD Representation
Instructions:
Conditions
CMP Instruction
Conditional Jump Instructions (Signed Data)
Conditional Jump Instructions (Unsigned Data)
Special Conditional Jump Instructions
Addressing Modes
MOV Instruction
File Handling
Example: Reading from a File
Stack and Memory
Tools for Analysis
Code Injection Attack
DLL Injection
APC Injection
Valid Accounts
System Binary Proxy Execution: Rundll32
Reflective code loading
Modify Registry
Process Injection
Mark-Of-The-Web (MOTW) Bypass
Access Token Manipulation
Hijack Execution Flow
Resources
INTRODUCTION TO GO REVERSING_bhack_2021_alexandreb.pdf
3.6 MB
Blackhat 2021
--------------------
Related:
AlphaGolang | A Step-by-Step Go Malware Reversing Methodology for IDA Pro
Reversing Golang
#reverse #golang
Forwarded from r0 Crew (Channel)
Native function and Assembly Code Invocation
https://research.checkpoint.com/2022/native-function-and-assembly-code-invocation/
#reverse #idapro
Check Point Research
Native function and Assembly Code Invocation - Check Point Research
Introduction For a reverse engineer, the ability to directly call a function from the analyzed binary can be a shortcut that bypasses a lot of grief. While in some cases it is just possible to understand the function logic and reimplement it in a higher-level…
Forwarded from Infosec Fortress
Maurice's Blog 🐍
A journey through KiUserExceptionDispatcher
I am currently working on an emulation environment similar to Qiling.
Unlike Qiling, it emulates the entire user-space, not just the target application.
As Qiling reimplements all APIs (kernel32, vcruntime, …) outside the emulator, it gains a lot of speed…
How to get the COM concurrency model for the current thread.
by Rbmm & Dennis A. Babkin
https://dennisbabkin.com/blog/?t=things-you-thought-you-knew-how-to-get-com-concurrency-model-for-current-thread
#com #reverse_engineer #cpp
www.dennisbabkin.com
Blog Author - Rbmm
Information about blog author at www.dennisbabkin.com - Rbmm
Forwarded from [ deprecated_bytes ]
#reverse #IDA #hardware #research
.title
Mouse Adventures
.text
Wherein I delve into the internals of my no-name brand "Tecknet Hypertrak Gaming Mouse" in an attempt to write a cross-platform tool that can manipulate its configuration without having to use the awful Windows-only tool it's shipped with. In this first part we tear apart said tool to figure out how it communicates with the mouse.
.comment
Practical field story about "simple" hardware reverse engineering. Part 7 is noticeable as rare info about IDA's processor module creation.
.data
#1: Introduction
#2: Extracting the Firmware
#3: Writing a Disassembler
#4: Writing a custom tool
#5: Dumping and Parsing the USB Descriptors
#6: Enabling the Bootloader
#7: Writing an IDA Processor Module
#8: Dissecting the USB Code and Unbricking the Mouse
[ deprecated_bytes ]
Forwarded from Cafe Security (Mohammad)
Architecture Analysis of VMProtect 3.8
The focus will be on the new architecture for the latest VMProtect and techniques for attacking or reversing protected binaries. I will demonstrate how reverse engineering techniques—such as symbolic execution and binary instrumentation—can facilitate the de-virtualization or de-obfuscation of the protected code.
https://youtu.be/IMUUjTJzmFI?si=I02CASpsIo_w6G1B
#binary
#reverse
#vmp
#conference
@cafe_security