Browsing tag: Reverse-engineering

North Korea’s Lazarus Group Deploys New Kaolin RAT via Fake Job Lures

The North Korea-linked threat actor known as Lazarus Group employed its time-tested fabricated job lures to deliver a new remote access trojan called Kaolin RAT as part of attacks targeting specific individuals in the Asia region in summer 2023. The malware could, “aside from standard RAT functionality, change the last write timestamp of a selected […]

Download NSA’s reverse engineering tool GHIDRA

Recently we reported that the National Security Agency (NSA) planned to release GHIDRA, its well-known reverse engineering tool, in March. According to the latest reports, the NSA has now released GHIDRA and the open-source community can use it freely. This is quite unlike the other cybersecurity tools so far associated with the NSA because it is […]

Cutter – Qt C++ radare2 GUI Reverse Engineering Framework

A Qt and C++ GUI for the radare2 reverse engineering framework (originally named Iaito). Cutter is not aimed at existing radare2 users. It instead focuses on those who are not yet radare2 users because of the learning curve, because they don't like CLI applications, or because of the difficulty/instability of radare2. Requirements: CMake >= 3.1, Radare2 […]

UEFI Firmware Parser

The UEFI firmware parser is a simple module and set of scripts for parsing, extracting, and recreating UEFI firmware volumes. This includes parsing modules for BIOS, OptionROM, Intel ME and other formats too. Please use the example scripts for parsing tutorials. Installation: the module is published on PyPI as uefi_firmware: $ sudo pip install uefi_firmware […]
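To make concrete what "parsing a firmware volume" involves at the lowest level, here is an added Python example (written for this page, not code from the uefi_firmware project) that scans an image for EFI_FIRMWARE_VOLUME_HEADER structures, decodes the fixed fields and the block map, and applies the checks a parser should make before trusting a volume: the "_FVH" signature at the expected place, a zero 16-bit header checksum, an all-zero ZeroVector, and a block map whose total matches FvLength. The image is constructed inline; the attribute value, block size and volume placement are sample choices, and the GUID table covers only the two FFS filesystem GUIDs.

```python
import struct
import uuid

FV_SIGNATURE = b"_FVH"
SIG_OFFSET = 40   # the Signature field sits 40 bytes into EFI_FIRMWARE_VOLUME_HEADER
# ZeroVector[16], FileSystemGuid, FvLength, Signature, Attributes,
# HeaderLength, Checksum, ExtHeaderOffset, Reserved, Revision (56 bytes)
FIXED_HEADER = struct.Struct("<16s16sQ4sIHHHBB")
BLOCK_ENTRY = struct.Struct("<II")  # EFI_FV_BLOCK_MAP_ENTRY: NumBlocks, Length

# Well-known FileSystemGuid values (FFS v2 and v3)
KNOWN_FS_GUIDS = {
    "8c8ce578-8a3d-4f1c-9935-896185c32dd3": "EFI_FIRMWARE_FILE_SYSTEM2_GUID",
    "5473c07a-3dcb-4dca-bd6f-1e9689e7349a": "EFI_FIRMWARE_FILE_SYSTEM3_GUID",
}

def header_checksum(header):
    """16-bit word sum over the header; the spec requires it to be zero."""
    return sum(struct.unpack("<%dH" % (len(header) // 2), header)) & 0xFFFF

def parse_fv_header(data, offset):
    """Parse the volume header at offset; return a dict, or None if no header is there."""
    if offset < 0 or offset + FIXED_HEADER.size > len(data):
        return None
    (zero_vec, fs_guid, fv_length, sig, attributes, hdr_len, _checksum,
     ext_hdr_off, _reserved, revision) = FIXED_HEADER.unpack_from(data, offset)
    if (sig != FV_SIGNATURE or hdr_len < FIXED_HEADER.size or hdr_len % 2
            or offset + hdr_len > len(data)):
        return None
    block_map, pos = [], offset + FIXED_HEADER.size
    while pos + BLOCK_ENTRY.size <= offset + hdr_len:
        num_blocks, length = BLOCK_ENTRY.unpack_from(data, pos)
        pos += BLOCK_ENTRY.size
        if num_blocks == 0 and length == 0:   # {0, 0} terminates the block map
            break
        block_map.append((num_blocks, length))
    guid = str(uuid.UUID(bytes_le=fs_guid))   # UEFI GUIDs are stored little-endian
    return {
        "offset": offset,
        "fv_length": fv_length,
        "fs_guid": guid,
        "fs_name": KNOWN_FS_GUIDS.get(guid, "unknown"),
        "attributes": attributes,
        "header_length": hdr_len,
        "revision": revision,
        "ext_header_offset": ext_hdr_off,
        "block_map": block_map,
        # Sanity checks a parser should apply before trusting the volume
        "zero_vector_ok": zero_vec == b"\x00" * 16,
        "checksum_ok": header_checksum(data[offset:offset + hdr_len]) == 0,
        "length_consistent": sum(n * l for n, l in block_map) == fv_length,
    }

def find_volumes(data):
    """Locate every "_FVH" signature in an image and parse the header around it."""
    volumes, start = [], 0
    while True:
        hit = data.find(FV_SIGNATURE, start)
        if hit < 0:
            return volumes
        start = hit + 1
        parsed = parse_fv_header(data, hit - SIG_OFFSET)
        if parsed:
            volumes.append(parsed)

def build_sample_fv(fv_length=0x1000, block_length=0x1000):
    """Constructed FFSv2 volume with a valid checksum (sample data, not a real image)."""
    guid = uuid.UUID("8c8ce578-8a3d-4f1c-9935-896185c32dd3").bytes_le
    block_map = (BLOCK_ENTRY.pack(fv_length // block_length, block_length)
                 + BLOCK_ENTRY.pack(0, 0))
    hdr_len = FIXED_HEADER.size + len(block_map)
    header = FIXED_HEADER.pack(b"\x00" * 16, guid, fv_length, FV_SIGNATURE,
                               0x0004FEFF,        # sample attribute bits
                               hdr_len, 0, 0, 0, 2) + block_map
    fix = (0x10000 - header_checksum(header)) & 0xFFFF
    header = header[:50] + struct.pack("<H", fix) + header[52:]   # Checksum field is at +50
    return header + b"\xff" * (fv_length - len(header))           # erased-flash filler

# Constructed image: padding, one volume at 0x200, more padding
SAMPLE_IMAGE = b"\xff" * 0x200 + build_sample_fv() + b"\xff" * 0x100
# Same image with one bit flipped in FvLength: the signature still matches, the checks must fail
CORRUPT_IMAGE = bytearray(SAMPLE_IMAGE)
CORRUPT_IMAGE[0x200 + 32] ^= 0x01
CORRUPT_IMAGE = bytes(CORRUPT_IMAGE)

if __name__ == "__main__":
    for fv in find_volumes(SAMPLE_IMAGE) + find_volumes(CORRUPT_IMAGE):
        print("FV @ 0x%x len 0x%x %s checksum_ok=%s length_consistent=%s" % (
            fv["offset"], fv["fv_length"], fv["fs_name"],
            fv["checksum_ok"], fv["length_consistent"]))
```

Signature scanning on its own is not enough: a stray "_FVH" in data, or a header that a vendor tool has trimmed, will decode into nonsense lengths, so the checksum and block-map consistency flags are what decide whether to carve the volume. Real images hold several volumes (boot block, main firmware, NVRAM), and the parser output above is the starting point for walking the FFS files inside each one.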

Lobotomy – Android Reverse Engineering Tool

Lobotomy is a command-line Android reverse engineering tool.
Components: Permission, Strings, Attack Surface, Surgical, Interact, UI, De-compile, De-buggable, Dextra, Socket.
OSX components required for python-adb:
  brew install openssl
  brew install swig
  env LDFLAGS="-L$(brew --prefix openssl)/lib" CFLAGS="-I$(brew --prefix openssl)/include" SWIG_FEATURES="-cpperraswarn -includeall -I$(brew --prefix openssl)/include"
Now enter the following code […]

CRACKING THE SEGA SATURN AFTER 20 YEARS

When it was released 20 years ago, the Sega Saturn was by far the most powerful video game console available. It was a revolutionary device, had incredible (for the time) graphics, and a huge library of IP Sega could draw from. The Saturn was quickly overshadowed by the Sony Playstation, and soon these devices found […]

Reverse-engineering DUBNIUM’s Flash-targeting exploit

The DUBNIUM campaign in December involved one exploit in the wild that affected Adobe Flash Player. In this blog, we're going to examine the technical details of the exploit that targeted vulnerability CVE-2015-8651. For more details on this vulnerability, see Adobe Security Bulletin APSB16-01. Note that Microsoft Edge on Windows 10 was protected from this attack due […]

Reverse Engineering Tool – BinText

A small, very fast and powerful text extractor. It can extract text from any kind of file and includes the ability to find plain ASCII text, Unicode (double-byte, i.e. UTF-16) text and resource strings, providing useful information for each item. In practice, the aim is to extract the text (URLs, paths, API names) that leads back to the attacker. […]
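The two extraction modes the teaser names, plain ASCII runs and UTF-16LE "double-byte" runs, implemented as a small strings scanner in Python. This is an added example written for this page, not BinText's own code: the sample bytes are constructed here, the minimum length of 4 is an assumed default, and resource strings (which need the PE resource directory to be walked) are not handled.

```python
import re

# Constructed sample "binary" (not a real file): a DOS-stub prefix, an ASCII URL,
# a UTF-16LE path of the kind BinText labels "Unicode", filler bytes, and an API name.
SAMPLE = (
    b"MZ\x90\x00" + b"\x00" * 8
    + b"http://example.invalid/update"
    + b"\x00\x01\x02"
    + "C:\\Users\\victim\\Desktop".encode("utf-16-le")
    + b"\xff\xfe\x03"
    + b"ab"                      # below the length threshold, must not be reported
    + b"\x00" * 4
    + b"GetProcAddress\x00"
)

def extract_strings(data, min_len=4):
    """Return [(offset, kind, text)] for ASCII and UTF-16LE runs of at least min_len chars.

    kind is "ascii" or "unicode". Offsets are byte offsets into data, so a hit can be
    located again in a hex editor or disassembler. min_len=4 is an assumed default.
    """
    # Printable ASCII (0x20-0x7E) plus tab; shorter runs are usually opcode noise.
    ascii_re = re.compile(rb"[\x20-\x7e\t]{%d,}" % min_len)
    # UTF-16LE text from the same character set: each printable byte is followed by NUL.
    unicode_re = re.compile(rb"(?:[\x20-\x7e\t]\x00){%d,}" % min_len)
    hits = []
    for m in ascii_re.finditer(data):
        hits.append((m.start(), "ascii", m.group().decode("ascii")))
    for m in unicode_re.finditer(data):
        hits.append((m.start(), "unicode", m.group().decode("utf-16-le")))
    hits.sort(key=lambda h: h[0])
    return hits

def strings_report(data, min_len=4):
    """Format hits BinText-style, one line per string: offset, type, text."""
    return ["%08x %-7s %s" % hit for hit in extract_strings(data, min_len)]

if __name__ == "__main__":
    for line in strings_report(SAMPLE):
        print(line)
```

The UTF-16 pattern only catches characters whose high byte is zero (Latin text), which is what BinText's "double-byte ANSI" mode means as well; paths, URLs and API names in Windows malware are almost always in that range. Raising min_len cuts noise from instruction bytes that happen to be printable, at the cost of losing short tokens such as mutex names or two-letter country codes.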