Brute Force Bypassing of ASLR on 64-bit x86 GNU/Linux
According to some papers 64-bit ASLR (Address Space Layout Randomization) is a strong protection against brute force attacks. E.g. asserts that “Since every bit doubles the number of possible stack...
A Taxonomy of Obfuscating Transformations
It has become more and more common to distribute software in forms that retain most or all of the information present in the original source code. An important example is Java bytecode. Since such...
HDMI – Hacking Displays Made Interesting
Picture this scene, which incidentally happens thousands of times every day all around the world: Someone walks into a meeting room, sees a video cable and plugs it into their laptop. The other end of...
Binary Code Obfuscation Through C++ Template Meta-Programming
Defending programs against illegitimate use and tampering has become both a field of study and a large industry. Code obfuscation is one of several strategies to stop, or slow down, malicious attackers...
Control Speculation in Multithreaded Processors through Dynamic Loop Detection
This paper presents a mechanism to dynamically detect the loops that are executed in a program. This technique detects the beginning and the termination of the iterations and executions of the loops...
EFI Scripts for IDA Pro
Some IDA scripts to assist with reverse engineering EFI executables. This package contains the following files:
1. `efiutils.py` - IDAPython module with some helper functions
2. `efiguids.py` - A...
Hacking Blues
When each day brings a new collection of stories about the horrors of the cyberage, it's easy to forget why anyone would spend their professional lives in the security industry. Microsoft urged to sue...
Information-based Dependency Matching For Behavioral Malware Analysis
Malicious software (malware) has been a constant threat to computer environments. Every year malware inflicts a staggering amount of damage and incurs vast financial losses worldwide. Malware has changed...
OllyExt 1.0
OllyExt is a plugin for Olly 2.xx debugger. The main intention of this plugin is to provide the biggest anti-anti debugging features and bugfixes for Olly 2.xx. Updates will come... :) The currently...
Oreans UnVirtualizer 1.6
This tool will help conversion VirtualOpcodes -> Assembly Instruction. Restoring the original code of your virtualized application, the basic engine was from CodeUnvirtualizer, my other...
Tropical Cryptography
We employ tropical algebras as platforms for several cryptographic schemes that would be vulnerable to linear algebra attacks were they based on “usual” algebras as platforms.
Using Processor Features for Binary Analysis
A detailed understanding of the behavior of exploits and malicious software is necessary to obtain a comprehensive overview of vulnerabilities in operating systems or client applications, and to...
Silences Programming Tour with MASM32
In this series I will teach you how to code in MASM32. Everything is very well explained, each line, each word and each API. This tour is called "General Edition" simply because I will learn you...
ODBGScript Command Reference Guide 0.1
This command reference gives you quick access to documentation and the command structure used within ODBGScript for the scripting language. Documentation is in .chm format. ODbgScript is a plugin for...
VMProtect 1.xx - 2.xx Ultra Unpacker v1.0
After a long time I have decided to write a completely new VMProtect unpacking script. I checked older and newer VMProtect files which I found to create a new script which can handle all versions....
The C64 PLA Dissected
The programmable logic array (PLA) in the Commodore 64 (C64) is used to create chip select signals from various other signals, e.g., from the current address. These signals control which chip is to be...
VicPlug-In-2 2.03
+ Menu
- Show the toolbar
- Maximize OllyDbg Window when starting
- Maximize all OllyDbg child windows
- Make the transparency for OllyDbg window
- Deletes all the UDD (*.udd & *.bak)
- DATA Converter
-...
DeDe 3.99
DeDe is a very fast program that can analyze executables compiled with Delphi 2,3,4,5 and Builder and give you the following: - All dfm files of the target. You will be able to open and edit them with...
BinaryCopyEx 1.0
BinaryCopyEx is a plugin for OllyDbg 2.01 debugger. The plugin allows to extend the OllyDbg capabilities. Now binary code can be copied with following syntaxes:
- None (Dump only)
- Assembler
- C/C++
-...
B2A 0.1
The DataRipper plugin rips code for "DELPHI" users very badly eg: "$01h, $02h, $03h" and after you need to manually remove all the "h" chars! After some time doing this I decided to code my own...