Reverse Engineering Articles

The fourth annual Flare-On Challenge – the FireEye Labs Advanced Reverse Engineering (FLARE) team’s yearly reverse engineering contest – is scheduled to kick off on Sept. 1, 2017, at 8pm ET. This is a CTF-style challenge for all active and aspiring reverse engineers, malware analysts, and security professionals. Dust off your disassembler, put a new coat of oil on your old debugger, and get your favorite chat client ready to futilely beg your friends for help. As always, this contest is designed for individuals, not teams, and there is only one track of challenges. The contest runs for six full weeks and ends on Oct. 13, 2017, at 8pm ET. This year’s contest is the la…

interesting research showing methods used to develop jailbreaks and dump apple watch kernel https://speakerdeck.com/mbazaliy/jailbreaking-apple-watch code posted to decrypt/dump the OS that handles all the secure stuff in your iphone. very cool. http://www.iclarified.com/62025/hacker-decrypts-apples-secure-enclave-processor-sep-firmware code: https://github.com/xerub/img4lib massive contribution by xerub

Official site: http://labyrenth.com/Announcement: https://researchcenter.paloaltonetworks.com/2017/04/unit42-labyrenth-ctf-2017/

Following the publication of a paper which proves that using 'mov' is turing complete (http://www.cl.cam.ac.uk/~sd601/papers/mov.pdf) someone has written a mov only compiler.

https://nationalsecurityagency.github.io/ src - https://nakedsecurity.sophos.com/2017/06/21/news-in-brief-wannacry-knocks-out-honda-plant-skype-hit-by-global-outage-nsa-shares-tools-on-github/

http://www.hexblog.com/?p=1096

Cryptographic Function Detection in Obfuscated Binaries via Bit-precise Symbolic Loop Mapping : Get it HERE . Targeting Infeasibility Questions on Obfuscated Codes : Get it HERE .

Scary new malware can take over your Android phone and you won’t even know it

Subtitle Hack Leaves 200 Million Vulnerable to Remote Code Execution

Hi Guys. Course is done, there are currently 59 chapters. https://www.youtube.com/playlist?list=PL59fvn5FIiQG0CrnALLgXzdpDTOk0hrz2

Hello everyone, the "shabak" (israel security office have posted 3 challenges on their website. iv managed to solve the first 2 and now im hard stuck on this last one. they gave a huge hint there but im still unable to solve this. Im really curious how the 3rd one works and ill ne glad if someone will be able to teach me. Have fun!, ill add the other 2 executables just for the sport. Password: Challenge Airplane_1_the_best_researcher.rar Airplane_2_should_work.rar Airplane_3_with_the_best.rar

Android Applications Reversing 101 https://www.evilsocket.net/2017/04/27/Android-Applications-Reversing-101/ Ted.

NSA-leaking Shadow Brokers just dumped its most damaging release yet (15/April) https://arstechnica.com/security/2017/04/nsa-leaking-shadow-brokers-just-dumped-its-most-damaging-release-yet/ Analyzing the doublepulsar kernel dll injection technique https://countercept.com/our-thinking/analyzing-the-doublepulsar-kernel-dll-injection-technique/ DoublePulsar Initial SMB Backdoor Ring 0 Shellcode Analysis https://zerosum0x0.blogspot.com/2017/04/doublepulsar-initial-smb-backdoor-ring.html

NSA Exploit Kit (Decrypted Files) - Confirmed by Snowden Himself on TWITTER to be the REAL DEAL : As can be seen from this news article from August last year : Hackers Steal NSA Exploit Kit and Put it up for Auction , there were TWO sets of archives that contained the "Spying Tools" of the NSA. The FREE version was made available last year itself. The OTHER one (nicknamed the "Auction Version") was been sold for huge sums of money (Around 100 bitcoins). Yesterday, the decrypted files from the AUCTION version were also released. Link to Decrypted Version of the AUCTION FILES ARCHIVE files : Code: https://github.com/x0rz/EQGRP The Decryp…

https://blog.flanker017.me/cve-2017-2416-gif-remote-exec/

https://blog.fortinet.com/2017/04/05/how-to-repair-a-dex-file-in-which-some-key-methods-are-erased-with-nops

Explained: Packer, Crypter, and Protector https://blog.malwarebytes.com/cybercrime/malware/2017/03/explained-packer-crypter-and-protector/ Ted.

What are exploits? (And why you should care) https://blog.malwarebytes.com/101/2017/03/what-are-exploits-and-why-you-should-care/ Ted.

The AnC Attack https://www.vusec.net/projects/anc/ Ted.

Practical Android Debugging via KGDB http://blog.trendmicro.com/trendlabs-security-intelligence/practical-android-debugging-via-kgdb/ Ted.

Technical developments in Cryptography: 2016 in Review https://www.eff.org/deeplinks/2016/12/what-happened-crypto-2016 Ted.

This blog post talks about some tips of using the Reflexil plugin. http://dotnetthoughts.net/how-to-reverse-engineer-net-applications-a-quick-guide/

These are some really nice tutorial that i found on Crypto... http://resources.infosecinstitute.com/breaking-software-protection-rsa/ http://resources.infosecinstitute.com/breaking-software-protection-elgamal-signature-scheme/ http://resources.infosecinstitute.com/breaking-software-protection-dsadss/ Thanks

Hello Guys am ask about the Paul Mason All his great Tutrials because his blog removed before a time the tutrials talk about many thing in .net reverse engineering ,but some links and pictures did not works this is the blog from web archive https://web.archive.org/web/20101204034644/http://blog.paul-mason.co.nz/ Thank of all

With the growing popularity of CTF (capture the flag) competitions, and the excellent performance of Polish teams like Dragon Sector in this area, I thought it would be interesting to demonstrate the construction of a simple CrackMe, using some creative techniques which make it difficult to crack and analyse. If you have ever been curious about reverse engineering, entered a CTF competition, or wanted to create your own CrackMe and drive other contestants crazy, this article is for you. https://www.pelock.com/articles/how-to-write-a-crackme-for-a-ctf-competition Sources at GitHub with english comments https://github.com/PELock/CrackMeZ3S-CTF-Crac…