PyREBox - Python scriptable Reverse Engineering Sandbox

PyREBox is a Python scriptable Reverse Engineering sandbox. It is based on QEMU, and its goal is to aid reverse engineering by providing dynamic analysis and debugging capabilities from a different perspective. PyREBox allows to inspect a running QEMU VM, modify its memory or registers, and to instrument its execution, by creating simple scripts in python to automate any kind of analysis. QEMU (when working as a whole-system-emulator) emulates a complete system (CPU, memory, devices...). By using VMI techniques, it does not require to perform any modification into the guest operating system, as it transparently retrieves information from its memory at run-time.

https://github.com/Cisco-Talos/pyrebox

Official Black Hat Arsenal Tools Github Repository

This github account maps to the Black Hat Arsenal tools since its inception in 2011. For readibility, the tools are classified by category and not by session.



https://github.com/toolswatch/blackhat-arsenal-tools

Remote format string exploit in syslog() - bin 0x1E

Solving final1 from exploit-exercises.com with a format string vulnerability because of syslog().

https://www.youtube.com/watch?v=MBz5C9Wa6KM

Pafish - Tool to Detect Sandboxes and Analysis Environments in the Same Way as Malware Families Do

https://github.com/a0rtega/pafish

Here's a picture of @MalwareTechBlog and @marciahofmann before the hearing.

Descubrir la infraestructura interna de SAP con Metasploit
Un ERP (Enterprise Resource Planning) es un software de gestión utilizado por empresas para la mejor administración y el aprovechamiento más optimo de sus recursos. También persigue simplificar los procesos involucrados en las gestiones de las empresas. Están íntimamente ligados a los sistemas de producción, ya que por lo general, gestionan inventarios, pedidos, etcétera.

http://www.elladodelmal.com/2017/08/descubrir-la-infraestructura-interna-de.html

Facebook Uses Data from Onavo To Track Apps and Services Which People Use

http://www.iphonehacks.com/2017/08/facebook-uses-data-from-onavo-to-track-apps-services-people-use.html

Accidentally typo to bypass administration access.

https://c0rni3sm.blogspot.mx/2017/08/accidentally-typo-to-bypass.html

Releasing WinREPL, a "read-eval-print loop" shell for x86+x64 assembly on Windows. Great for playing with shellcode.

https://github.com/zerosum0x0/WinREPL

Computer Security and Privacy in DNA Sequencing

http://dnasec.cs.washington.edu/

Philip K. Dick

La biblia de las biblias de magstripe Yes. One of the most beautiful manuals about magstripe: https://cdn.instructables.com/ORIG/F8F/O3U9/FJBYZ4T9/F8FO3U9FJBYZ4T9.txt

thank's netxing !

ESTA ES LA RECETA PARA ESCAPAR DE LA MATRIX Y CONSEGUIR EL ESTADO DE UN CRISTO O UN BUDA, SEGÚN PHILIP K. DICK

http://pijamasurf.com/2017/03/como_salir_de_la_matrix_segun_philip_k_dick/

JexBoss: Java Deserialization Verification & EXploitation Tool! http://pentestit.com/jexboss-java-deserialization-verification-exploitation-tool/amp/

Reading Memory Of 64-bit Processes. https://blog.didierstevens.com/2017/08/13/reading-memory-of-64-bit-processes/amp/

Hacker sold his exploit to bypass @Poloniex 2FA because they didn't answer his support ticket... https://www.reddit.com/r/PoloniexForum/comments/6t4tvs/i_managed_to_bypass_2fa_and_email_verification_is/ $crypto #bitcoin

Disassembling .NET Code with BenchmarkDotNet


http://adamsitnik.com/Disassembly-Diagnoser/

oh maaan !! hahaha

Our very own Frank Ippolito recently built a lifelike Hypnotoad for the Fan-o-Rama Futurama fan film, and shows how he built the animatronic for the project.
Check out its animated eyes and mesmerizing breathing motion. All glory to the hypnotoad!

https://www.youtube.com/watch?v=L7wxpEpyw24