Goblin – An Impish, Cross-Platform Binary Parsing Crate, Written In Rust

Documentation https://docs.rs/goblin/changelog Usage: Goblin requires rustc 1.31.1. Add to your Cargo.toml: [dependencies] goblin = "0.1" Features: awesome crate name; zero-copy, cross-platform, endian-aware, ELF64/32 implementation – wow!; zero-copy, cross-platform, endian-aware, 32/64 bit Mach-o parser – zoiks!; PE 32/64-bit parser – bing!; a Unix and BSD style archive parser (latter courtesy of @willglynn) – huzzah!; many cfg options – it will […]

function tracer: analyze a binary file with dynamic instrumentation

functrace – A function tracer. functrace is a tool that helps to analyze a binary file with dynamic instrumentation using DynamoRIO (http://dynamorio.org/). These are some implemented features (based on DynamoRIO): disassemble all the executed code; disassemble a… The post function tracer: analyze a binary file with dynamic instrumentation appeared first on Penetration Testing.

Sojobo – A Binary Analysis Framework

Sojobo is an emulator for the B2R2 framework. It was created to ease the analysis of potentially malicious files. It is developed entirely in .NET, so you don’t need to install or compile any other external libraries (the project is self-contained). With Sojobo you can: Emulate a (32 bit) PE binary; Inspect the memory of […]

Manticore – Dynamic Binary Analysis Tool

Manticore is a prototyping tool for dynamic binary analysis, with support for symbolic execution, taint analysis, and binary instrumentation. Manticore comes with an easy-to-use command line tool that quickly generates new program “test cases” (or sample inputs) with symbolic execution. Each test case results in a unique outcome when running the program, like a normal […]

rop-tool v2.4.1: A tool to help you write binary exploits

rop-tool v2.4.1: A tool to help you write binary exploits. An information security training expert gives a short explanation of the output of the heap command. Each line corresponds to a malloc chunk, and the heap is dumped after each execution of a heap function (free, malloc, realloc, calloc). addr: is the real address of the malloc chunk […]

QBDI – QuarkslaB Dynamic binary Instrumentation

QuarkslaB Dynamic binary Instrumentation (QBDI) is a modular, cross-platform and cross-architecture DBI framework. It aims to support Linux, macOS, Android, iOS and Windows operating systems running on x86, x86-64, ARM and AArch64 architectures. Information about what a DBI framework is and how QBDI works can be found in the user documentation introduction. QBDI modularity means […]

Using Binary Diffing to Discover Windows Kernel Memory Disclosure Bugs

Patch diffing is a common technique of comparing two binary builds of the same code – a known-vulnerable one and one containing a security fix. It is often used to determine the technical details behind ambiguously-worded bulletins, and to establish the root causes, attack vectors and potential variants of the vulnerabilities in question. The approach […]

Pharos – Static Binary Analysis Framework

The Pharos static binary analysis framework is a project of the Software Engineering Institute at Carnegie Mellon University. The framework is designed to facilitate the automated analysis of binary programs. It uses the ROSE compiler infrastructure developed by Lawrence Livermore National Laboratory for disassembly, control flow analysis, instruction semantics, and more. The current distribution in […]

Binary SMS – The old backdoor to your new thing

Despite being older than many of its users, Short Messaging Service (SMS) remains a very popular communications medium and is increasingly found on remote sensors, critical infrastructure and vehicles due to an abundance of cellular coverage. To phone users, SMS means a basic 160-character text message. To carriers and developers it offers a much […]

A Guide to Malware Binary Reconstruction

When analyzing or unpacking malware, we often come across cases where binary reconstruction is required. Relying on automated tools is not always useful; sometimes manual reconstruction is required. In this blog we will cover manual and automated binary reconstruction. Reconstructing IAT from stolen API code: This technique is used to […]