Search the Community

Showing results for tags 'engineering'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Staff Control
    • Staff Announcements
    • Moderators
    • Staff
    • Administration
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Pentesting Zone
  • Security & Anonymity
  • Operating Systems | Hardware | Programs
  • Graphic Design
  • vBCms Comments
  • live stream tv
  • Marketplace
  • Pentesting Premium
  • Modders Section
  • PRIV8-Section
  • Pentesting Zone PRIV8
  • Carding Zone PRIV8
  • Recycle Bin
  • Null3D's Nulled Group

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me


Location


Interests


Occupation


TeamViewer


Twitter


Facebook


Youtube


Google+


Tox

Found 55 results

  1. r2 is a rewrite from scratch of radare in order to provide a set of libraries and tools to work with binary files. Radare project started as a forensics tool, a scriptable command-line hexadecimal editor able to open disk files, but later support for analyzing binaries, disassembling code, debugging programs, attaching to remote gdb servers, … radare2 is portable. The main tool of the whole framework. It uses the core of the hexadecimal editor and debugger. radare2 allows you to open a number of input/output sources as if they were simple, plain files, including disks, network connections, kernel drivers, processes under debugging, and so on. It implements an advanced command line interface for moving around a file, analyzing data, disassembling, binary patching, data comparison, searching, replacing, and visualizing. It can be scripted with a variety of languages, including Python, Ruby, JavaScript, Lua, and Perl. Architectures: 6502, 8051, CRIS, H8/300, LH5801, T8200, arc, arm, avr, bf, blackfin, xap, dalvik, dcpu16, gameboy, i386, i4004, i8080, m68k, malbolge, mips, msil, msp430, nios II, powerpc, rar, sh, snes, sparc, tms320 (c54x c55x c55+), V810, x86-64, zimg, risc-v. File Formats: ELF, Mach-O, Fatmach-O, PE, PE+, MZ, COFF, OMF, TE, XBE, BIOS/UEFI, Dyldcache, DEX, ART, CGC, Java class, Android boot image, Plan9 executable, ZIMG, MBN/SBL bootloader, ELF coredump, MDMP (Windows minidump), WASM (WebAssembly binary), Commodore VICE emulator, Game Boy (Advance), Nintendo DS ROMs and Nintendo 3DS FIRMs, various filesystems. Operating Systems: Windows (since XP), GNU/Linux, OS X, [Net|Free|Open]BSD, Android, iOS, OSX, QNX, Solaris, Haiku, FirefoxOS Bindings: Vala/Genie, Python (2, 3), NodeJS, Lua, Go, Perl, Guile, php5, newlisp, Ruby, Java, OCaml, … radare2 v5.5 has been released. Changelog New IOBanks APis and commands replacing skyline and making io faster (2-10x) @condret Faster analysis, type matching, binary parsing (2-4x) @trufae [] and =[] esil operations has been removed (size is mandatory) @condret Lots of important bugs fixed in bin parsers and disassemblers @Lazula Add support for the latest iOS15 dyld4 Atlas-style cache formats @mrmacete Autorename signature matching collisions and faster search @swoops Add assembler for riscv and disassemblers for PDP11, Alpha64 and armv7.v35 @trufae Improved integration with r2frida remote filesystems @as0ler Cleaning debugger for windows (32 and 64) and macOS makes it more reliable and stable @trufae Add seven segment printing (?ea for ascii-art text titles) @trufae Improved xrefs visualization with new axfm and axtm commands @trufae Add avg command to manage global variables @trufae The sixref plugin is now easier to use to find xrefs on arm64 code @hot3eed Improved multibin (select all bins or one) and multidex support in apk:// @trufae Better build scripts for Windows (add asan and w32 profiles) @trufae Added armv7.v35 and improves esil emulation with the arm64.v35 @aemmitt-ns Add more help messages and set scr.prompt.tabhelp true by default @trufae AES key wrap algorithm support in rahash2 @sylvainpelissier Fix var serialization issues in debugger reloading (ood) and projects saving (Ps) @RHL120 Add Amiga and MSX rom/bin parser plugin and test @romerojoseant @trufae Visual slides (r2s) allow interactive content to be used within r2 @trufae Print and convert ternary values back and forth @trufae [hide][Hidden Content]]
  2. APK Lab The ultimate Android RE experience right inside your VS Code. APKLab seamlessly integrates the best open-source tools: Apktool, Jadx, uber-apk-signer, and more to the excellent VS Code so you can focus on app analysis and get it done without leaving the IDE. Features Decode all the resources from an APK Disassemble the APK to Dalvik bytecode aka Smali Decompile the APK to Java source Analyze & Hack effectively with feature-rich VS Code Build an APK from Smali and resources Sign the APK seamlessly during the build Install the APK directly from VS Code Support for Apktool-style projects (apktool.yml) Support for most Apktool CLI arguments Android resource frameworks management (Coming soon!) Support for user-provided keystore for APK signing Download and configure missing dependencies Excellent Smali language support with Smalise Supports Linux, Windows, and Mac Changelog v1.5 Added apktool updated to v2.6.0 apk-mitm updated to v1.1.0 feat: auto update check for tools on startup (dev) use yarn instead of npm (ci) auto publish release on tag (ci) use yarn cache for faster builds (ci) migrate to nodejs v14 Fixed fixed some bug/warning (dev) updated other dependencies [hide][Hidden Content]]
  3. Dexcalibur Dexcalibur is an Android reverse engineering platform focus on instrumentation automation. Its particularity is to use dynamic analysis to improve static analysis heuristics. It aims to automate boring tasks related to dynamic instrumentation, such as : Decompile/disass intercepted bytecode at runtime Write hook code and Manage a lot of hook message Search interesting pattern/things to hook Process data gathered by hook (dex file, invoked method, class loader, …) and so … But not only that, because Dexcalibur has its own static analysis engine and it is able to execute a partial piece of smali. Features and limitations Actually, the biggest limitation is Dexcalibur is not able to generate source code of hook targeting native function (into JNI library). However, you can declare manually a Frida’s Interceptor by editing a hook. Assuming Dexcalibur does not provide (for the moment) features to analyze native parts such as the JNI library or JNA, only features and limitations related to the Java part have been detailed. Analysis accuracy depends on the completeness of the Android API image used during the early steps of the analysis. That means, if you use a DEX file generated from the Android.jar file from Android SDK, some references to internal methods, fields, or classes from Android java API could be missing. Better results are obtained when the analysis starts from a “boot.oat” file extracted directly from a real device running the expected Android version. Changelog v0.7.10 Improvements Add Windows supports Replace out dated dependencies “xz” by “lzma-native” Fixed issues #54, #53 : related to Windows support [hide][Hidden Content]]
  4. cutter Cutter is a Qt and C++ GUI for radare2. Its goal is making an advanced, customizable and FOSS reverse-engineering platform while keeping the user experience at mind. Cutter is created by reverse engineers for reverse engineers. Disclaimer Cutter is not aimed at existing radare2 users. It instead focuses on those whose are not yet radare2 users because of the learning curve, because they don’t like CLI applications or because of the difficulty/instability of radare2. Changelog v2.0.3 Additions and Changes Debug: Heap viewer widget for glibc Rizin, rz-ghidra and jsdec updated to 0.3.0 with changes for compatibility. Various improvements for native macOS UI (#2776) Many internal changes switching from error-prone rizin commands to C API CI and Linux builds: use Ubuntu 18.04 as oldest supported build system (#2736) Bugfixes Fix Decompiler Copy Shortcut (Fix #2773, #2778) Fix Restoring “Show Disassembly as” in Preferences (Fix #2726, #2748) Complete Color Theme Lists (Fix #2672) (#2752) macOS: Fix Versions in Info.plist (Fix #2679) (#2740) Debug: Fix continue until main not being enabled in certain cases (#2727) Debug: Fix attaching to a process with no file opened (#2727) Fix a crash when printing disassembly arrows (#2688) Removals Type Link features removed due to unreliability, in light of global variables coming soon (#2775) [hide][Hidden Content]]
  5. Description ـــــــــــــــــــــــــــــــــــــ In this Reverse Engineering and Exploit Development training course, expert author Philip Polstra will teach you about common software vulnerabilities and how to find them, as well as how the vulnerabilities differ between various operating systems. This course is designed for beginners who are looking to get started in security, penetration testing, and reverse engineering. You will start by learning about reversing compiled Windows applications, including using fuzzing, stack overflows, and heap overflows. From there, Philip will teach you how to reverse compiled OS X, Linux, and Android applications. This video tutorial also covers how to find other vulnerabilities, including website and database vulnerabilities. Finally, you will learn about simple exploits, web exploitation, and ARM exploitation. Once you have completed this computer based training course, you will be fully capable of finding vulnerabilities and developing exploits for them. Working files are included, allowing you to follow along with the author throughout the lessons. Who this course is for: ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ Anyone interested in Reverse Engineering and Exploit Development Requirements ـــــــــــــــــــــــــــــــــــــــــــ This course is designed for beginners who are looking to get started in security, penetration testing, and reverse engineering. [hide][Hidden Content]]
  6. Big Data

    Reverse Engineering Ransomware

    Description ـــــــــــــــــــــــــ The aim of this course is to provide a practical approach to analyzing ransomware. Working with real world samples of increasing difficulty, we will: Deep dive into identifying the encryption techniques, Navigate through various evasion tricks used by malware writers, Have fun discovering flaws in their logic or the implementation and Work out automated ways to recover the affected files. If you're already familiar with the basics and want to dive straight into advanced samples, navigate anti-virtualisation and anti-analysis tricks, and write C and Python decryptors for custom crypto algorithms, please check out our Advanced Reverse Engineering Ransomware course! Requirements ــــــــــــــــــــــــــــــــ -Basic programming knowledge -A computer that can run a Windows virtual machine. -An interest in disassembling things and understanding how they work! -Patience and perseverance to “try harder”. Who this course is for: ــــــــــــــــــــــــــــــــــــــــــــــــــــ -Security testers -Malware analysts -Forensics investigators -System administrators -Information security students -Anyone interested in ransomware and malware analysis [hide] [Hidden Content]]
  7. Overview NinjaDroid uses AXMLParser together with a series of Python scripts based on aapt, keytool, string and such to extract a series of information from a given APK package, such as: List of files of the APK: file name, size, MD5, SHA-1, SHA-256 and SHA-512 AndroidManifest.xml info: app name, package name, version, sdks, permissions, activities, services, broadcast-receivers, ... CERT.RSA/DSA digital certificate info: serial number, validity, fingerprint, issuer and owner List of URLs, shell commands and other generic strings hard-coded into the classes.dex files Furthermore, NinjaDroid uses apktool and dex2jar to extract and store: JSON report file, which contains all the extracted APK info AndroidManifest.xml file (thanks to apktool) CERT.RSA/DSA digital certificate file classes.dex files translated .jar file (thanks to dex2jar) disassembled smali files (thanks to apktool) assets/ and res/ folders together with their content (thanks to apktool) [hide][Hidden Content]]
  8. Description ـــــــــــــــــــــــــــ If you are completely new to reverse engineering and malware analysis, then this course is for you. I will take you from zero to proficient level in reverse engineering and analyzing malware. You will learn using plenty of practical walk-throughs. We will learn the basics first then gradually proceed to more advanced topics. All the needed tools will be introduced and explained. By the end of this course, you will have the fundamentals of malware analysis under your belt to further your studies in this field. Even if you do not intend to take up malware analysis as a career, still the knowledge and skills gained in reverse engineering and analysis would be beneficial to you to reverse software as well. Everything is highly practical. No boring theory or lectures. More like walk-throughs which you can replicate and follow along. We will use tools like tridnet, bintext, pestudio, cff explorer, regshot, procdot, fakenet, wireshark, process monitor, process hacker, xdbg, Ghidra and more... Topics include: ـــــــــــــــــــــــــــــــ -Lab Setup -Tools -OS Fundamentals -Virtual Memory and the PE file -Windows Internals -Malware Components -Static analysis -Dynamic Analysis -Network Analysis -Unpacking Standard and Custom packers -Dumping memory and more... This course is suitable for: ــــــــــــــــــــــــــــــــــــــــــــــــــــــــ Anyone who has no background on malware analysis and just starting out in this field Hobbyist who just like to learn how to reverse engineer and analyze malware Students who like to get started on the career path to become malware analysts Hackers looking for additional tools and techniques to reverse software The prerequisites: ــــــــــــــــــــــــــــــــــــــــ Just a windows PC and an interest in malware analysis, or software reverse engineering. What you’ll learn ـــــــــــــــــــــــــــــــــــــ -Flare VM Lab Setup -OS fundamentals -Windows API -Virtual Memory -PE file structure -Static Analysis -Dynamic Analysis -Network Analysis -Memory Analysis -Identifying Standard and Custom Packers -Unpacking Packed Malware -Debugging Malware -Analysing Malware using Ghidra -Dumping memory and more... Are there any course requirements or prerequisites? ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ Windows PC Interest in malware analysis or reverse engineering Who this course is for: ــــــــــــــــــــــــــــــــــــــــــــــــــ Anyone who has no background on malware analysis and just starting out in this field Hobbyist who just like to learn how to reverse engineer and analyze malware Students who like to get started on the career path to become malware analysts Hackers looking for additional tools and techniques to reverse software [hide][Hidden Content]]
  9. Doldrums is a reverse engineering tool for Flutter apps targetting Android. Concretely, it is a parser and information extractor for the Flutter/Dart Android binary, conventionally named libapp.so, for all Dart version 2.10 releases. When run, it outputs a full dump of all classes present in the isolate snapshot. The tool is currently in beta, and missing some deserialization routines and class information. If it does not work out-of-the-box, please let me know. [Hidden Content]
  10. Bytecode Viewer v2.10.14 - Java 8 Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More) Bytecode Viewer is an Advanced Lightweight Java Bytecode Viewer, GUI Java Decompiler, GUI Bytecode Editor, GUI Smali, GUI Baksmali, GUI APK Editor, GUI Dex Editor, GUI APK Decompiler, GUI DEX Decompiler, GUI Procyon Java Decompiler, GUI Krakatau, GUI CFR Java Decompiler, GUI FernFlower Java Decompiler, GUI DEX2Jar, GUI Jar2DEX, GUI Jar-Jar, Hex Viewer, Code Searcher, Debugger and more. It’s written completely in Java, and it’s open source. It’s currently being maintained and developed by Konloch. There is also a plugin system that will allow you to interact with the loaded classfiles, for example, you can write a String deobfuscator, a malicious code searcher, or something else you can think of. You can either use one of the pre-written plugins or write your own. It supports groovy scripting. Once a plugin is activated, it will execute the plugin with a ClassNode ArrayList of every single class loaded in BCV, this allows the user to handle it completely using ASM. Code from various projects has been used, including but not limited to: J-RET by WaterWolf JHexPane by Sam Koivu RSynaxPane by Robert Futrell Commons IO by Apache ASM by OW2 FernFlower by Stiver Procyon by Mstrobel CFR by Lee Benfield CFIDE by Bibl Smali by JesusFreke Dex2Jar by pxb1..? Krakatau by Storyyeller JD GUI/JD Core by The Java-Decompiler Team Enjarify by Storyyeller Key Features: Krakatau Integration for Bytecode assembly/disassembly. Smali/BakSmali Integration – You can now edit class files/dex files via smali! APK/DEX Support – Using Dex2Jar and Jar2Dex it’s able to load and save APKs with ease! Java Decompiler – It utilizes FernFlower, Procyon, and CFR for decompilation. Bytecode Decompiler – A modified version of CFIDE’s. Hex Viewer – Powered by JHexPane. Each Decompiler/Editor/Viewer is toggleable, you can also select what will display on each pane. Fully Featured Search System – Search through strings, functions, variables and more! A Plugin System With Built-In Plugins – (Show All Strings, Malicious Code Scanner, String Decrypters, etc) Fully Featured Scripting System That Supports Groovy. EZ-Inject – Graphically insert hooks and debugging code, invoke main and start the program. Recent Files & Recent Plugins. And more! Give it a try for yourself! Changelog v2.10.14 Improved translations Thanks to @ThexXTURBOXx @TechComet @antonymcgreen @liuxilu @cn-fairy Added javap disassembler Automatic python path detection Improved plugin console Cleaned up settings dialogue Dynamic width Hex-Viewer Better resource handling Lots of code cleanup Patched a few Security Manager escapes Bug fixes and general improvements Thanks to @ThexXTURBOXx Bugs! Expect issues with this release, please report them! [hide][Hidden Content]]
  11. Bytecode Viewer is an Advanced Lightweight Java Bytecode Viewer, GUI Java Decompiler, GUI Bytecode Editor, GUI Smali, GUI Baksmali, GUI APK Editor, GUI Dex Editor, GUI APK Decompiler, GUI DEX Decompiler, GUI Procyon Java Decompiler, GUI Krakatau, GUI CFR Java Decompiler, GUI FernFlower Java Decompiler, GUI DEX2Jar, GUI Jar2DEX, GUI Jar-Jar, Hex Viewer, Code Searcher, Debugger and more. It’s written completely in Java, and it’s open source. It’s currently being maintained and developed by Konloch. There is also a plugin system that will allow you to interact with the loaded classfiles, for example, you can write a String deobfuscator, a malicious code searcher, or something else you can think of. You can either use one of the pre-written plugins or write your own. It supports groovy scripting. Once a plugin is activated, it will execute the plugin with a ClassNode ArrayList of every single class loaded in BCV, this allows the user to handle it completely using ASM. Code from various projects has been used, including but not limited to: J-RET by WaterWolf JHexPane by Sam Koivu RSynaxPane by Robert Futrell Commons IO by Apache ASM by OW2 FernFlower by Stiver Procyon by Mstrobel CFR by Lee Benfield CFIDE by Bibl Smali by JesusFreke Dex2Jar by pxb1..? Krakatau by Storyyeller JD GUI/JD Core by The Java-Decompiler Team Enjarify by Storyyeller Key Features: Krakatau Integration for Bytecode assembly/disassembly. Smali/BakSmali Integration – You can now edit class files/dex files via smali! APK/DEX Support – Using Dex2Jar and Jar2Dex it’s able to load and save APKs with ease! Java Decompiler – It utilizes FernFlower, Procyon, and CFR for decompilation. Bytecode Decompiler – A modified version of CFIDE’s. Hex Viewer – Powered by JHexPane. Each Decompiler/Editor/Viewer is toggleable, you can also select what will display on each pane. Fully Featured Search System – Search through strings, functions, variables and more! A Plugin System With Built-In Plugins – (Show All Strings, Malicious Code Scanner, String Decrypters, etc) Fully Featured Scripting System That Supports Groovy. EZ-Inject – Graphically insert hooks and debugging code, invoke main and start the program. Recent Files & Recent Plugins. And more! Give it a try for yourself! Changelog v2.10.13 Notable Changes Translated Into 25 Languages Including: Arabic, German, Japanese, Mandarin, Russian, Spanish – Thank you to everyone who helped provide translations! (Expect some translation issues, if you encounter any please help us fix them!) Plugin Writer: Create and edit external plugins from within BCV Fixed Krakatau & Smali Disassembler/Assembler Fixed Java & Bytecode Editing/Compiling Lots of code cleanup Bug fixes and general improvements [hide][Hidden Content]]
  12. A Beginner's Course on Reverse Engineering and Analyzing Malicious .NET and Java Executable Files What you'll learn Decompiling .NET and Java Binaries De-obfuscation of .NET and Java Code Analyzing .NET and Java Malware Detecting Malware Artifacts and Indicators of Compromise Using Flare-VM Malware Analysis Tools Disassembling .NET binary to IL language Decompiling .NET binary to C# or VBNET Static Analysis of .NET and Java Executable Dynamic Analysis and Debugging using dnSpy Setting up Malware Analysis Lab Analyzing Ransomware Analyzing Spyware Trojans and Info-Stealers Identifying Native Files vs .NET and Java Files Decompiling Java Bytecode to Java Source Reverse Engineering Analyzing Cross Platform RATs and more... Requirements Windows PC Interest in Malware Analysis Knowledge of C# and Java would be helpful Description New malware are being created everyday and poses one of the greatest threat to computer systems everywhere. In order to infect Windows, Linux and Mac OSX, malware authors create cross-platform malware using .NET and Java. This course will introduce you to the basics of how to analyze .NET and Java malware - one of the most common and popular ways to create cross platform malware. If you are a beginner just starting out on malware analysis and wish to gain a fundamental knowledge to analyze .NET or Java malware, then this course is for you. It is a beginner course which introduces you to the technique and tools used to reverse engineer and also analyze .NET and Java binaries. In this course, you will learn how to check and analyze malicious .NET and Java executables for signs of malicious artifacts and indicators of compromise. This is a beginners course and targeted to those who are absolutely new to this field. I will take you from zero to proficient level in analyzing malicious .NET and Java binaries. You will learn using plenty of practical walk-throughs. We will learn the basic knowledge and skills in reverse engineering and analyzing malware. All the needed tools and where to download them will be provided. By the end of this course, you will have the fundamentals of malware analysis of .NET and Java under your belt to further your studies in this field. Even if you do not intend to take up malware analysis as a career, still the knowledge and skills gained would enable you to check executables for dangers and protect yourself from these attacks. We will use Flare-VM and windows virtual machine. Flare-VM is a popular Windows based Malware Analyst distribution that contains all the necessary tools for malware analysis. All the essential theory will be covered but kept to the minimum. The emphasis is on practicals and lab exercises. Go ahead and enroll now and I will see you inside. Who this course is for: Anyone who has no background in malware analysis and just starting out in this field Hobbyist who just like to learn how to analyze .NET and Java malware Students who like to get started on the career path to become malware analysts Anyone eager to learn how to detect new malware [Hidden Content] [hide][Hidden Content]]
  13. Bytecode Viewer is an Advanced Lightweight Java Bytecode Viewer, GUI Java Decompiler, GUI Bytecode Editor, GUI Smali, GUI Baksmali, GUI APK Editor, GUI Dex Editor, GUI APK Decompiler, GUI DEX Decompiler, GUI Procyon Java Decompiler, GUI Krakatau, GUI CFR Java Decompiler, GUI FernFlower Java Decompiler, GUI DEX2Jar, GUI Jar2DEX, GUI Jar-Jar, Hex Viewer, Code Searcher, Debugger and more. It’s written completely in Java, and it’s open source. It’s currently being maintained and developed by Konloch. There is also a plugin system that will allow you to interact with the loaded classfiles, for example, you can write a String deobfuscator, a malicious code searcher, or something else you can think of. You can either use one of the pre-written plugins or write your own. It supports groovy scripting. Once a plugin is activated, it will execute the plugin with a ClassNode ArrayList of every single class loaded in BCV, this allows the user to handle it completely using ASM. Code from various projects has been used, including but not limited to: J-RET by WaterWolf JHexPane by Sam Koivu RSynaxPane by Robert Futrell Commons IO by Apache ASM by OW2 FernFlower by Stiver Procyon by Mstrobel CFR by Lee Benfield CFIDE by Bibl Smali by JesusFreke Dex2Jar by pxb1..? Krakatau by Storyyeller JD GUI/JD Core by The Java-Decompiler Team Enjarify by Storyyeller Key Features: Krakatau Integration for Bytecode assembly/disassembly. Smali/BakSmali Integration – You can now edit class files/dex files via smali! APK/DEX Support – Using Dex2Jar and Jar2Dex it’s able to load and save APKs with ease! Java Decompiler – It utilizes FernFlower, Procyon, and CFR for decompilation. Bytecode Decompiler – A modified version of CFIDE’s. Hex Viewer – Powered by JHexPane. Each Decompiler/Editor/Viewer is toggleable, you can also select what will display on each pane. Fully Featured Search System – Search through strings, functions, variables and more! A Plugin System With Built-In Plugins – (Show All Strings, Malicious Code Scanner, String Decrypters, etc) Fully Featured Scripting System That Supports Groovy. EZ-Inject – Graphically insert hooks and debugging code, invoke main and start the program. Recent Files & Recent Plugins. And more! Give it a try for yourself! Changelog v2.10.12 Notable Changes Dark mode (Opt-in) & theme selection thanks to @ThexXTURBOXx XAPK file support Translation process has started Javascript plugin support Bug fixes and general improvements [hide][Hidden Content]]
  14. Introduction to Arm exploitation Part one What you'll learn Arm exploitation Binary exploitation Reverse engineering Basic arm instructions Gdb primer Patching binaries Ghidra,Binary ninja,Hopper etc Exploit development Format string vulnerabilities Ret2zp Attack Nx Bypass Buffer overflow Requirements A PC Basic programming concept(not necessary) Some interest Description Hello, Welcome to the cheapest and first course of Arm exploitation in Udemy.This course is purely for beginners.As you all know arm based devices are becoming more and more prominent these days so its important to learn about the securing them.i made this course highly practical so that it doesn't bore you as you go.This course Only requires just a PC we shouldn't be needing any raspberry pi or anything we will using emulated labs .This course is very basic and if you are already familiar with buffer overflows and format string exploitation this wouldn't be much help to you but still this can help you as a primer and as an introduction to ARM exploitation. This course is focused on Arm v6 vulnerabilities and Exploitation (32 bit ).We will start off with some basic arm instructions and will move to the practical exploitation.The core sections of these course is Reverse engineering and binary exploitation.We will reverse and modify the behaviour of simple crackme programs using Ghidra,Binary ninja,Hopper etc.Then we will move into exploiting various binaries using format string vulnerabilities and buffer overflows.After that we will be look at the protections used by the binaries and bypassing them.We will be using ctf style examples mostly.As this is the part one of the course we will cover everything from the scratch.This course has a 30 day refund policy so even if you dont like this course you can just surely get your money 100%. (NB : Its a ongoing course new contents will be added) I suggest you to watch the sample videos and then deciding to buy this. Who this course is for: Anyone Interested in learning binary exploitation Hackers Ctf players Reverse engineers [Hidden Content] [hide][Hidden Content]]
  15. Tool social engineering [Access Webcam & Microphone & Os Password Grabber & Location Finder] With Ngrok Features: Get Device Information Without Any Permissions Access Location [SMARTPHONES] Os Password Grabber [WIN-10] Access Webcam Access Microphone Operating Systems Tested Kali Linux 2020 [hide][Hidden Content]]
  16. APK Lab The ultimate Android RE experience right inside your VS Code. APKLab seamlessly integrates the best open-source tools: Apktool, Jadx, uber-apk-signer, and more to the excellent VS Code so you can focus on app analysis and get it done without leaving the IDE. Features Decode all the resources from an APK Disassemble the APK to Dalvik bytecode aka Smali Decompile the APK to Java source Analyze & Hack effectively with feature-rich VS Code Build an APK from Smali and resources Sign the APK seamlessly during the build Install the APK directly from VS Code Support for Apktool-style projects (apktool.yml) Support for most Apktool CLI arguments Android resource frameworks management (Coming soon!) Support for user-provided keystore for APK signing Download and configure missing dependencies Excellent Smali language support with Smalise Supports Linux, Windows, and Mac Changelog v1.4 Added apk-mitm updated to v0.12.0 New GitHub Org and website Add ‘show inconsistent code’ arg to jadx (#127) (thanks @psolyca) Add deobfuscation args to jadx (#117) (thanks @psolyca) Fixed show quark analysis report on project open (#121) use common process executor for quark analysis (#125) refactor project src dir structure (#122) dep: bump dependencies (#128) CI: fix Quark analysis tests (#126) [hide][Hidden Content]]
  17. Ghidra EVM Module In the last few years, attacks on deployed smart contracts in the Ethereum blockchain have ended up in a significant amount of stolen funds due to programming mistakes. Since smart contracts, once compiled and deployed, are complex to modify and update different practitioners have suggested the importance of reviewing their security in the blockchain where only Ethereum Virtual Machine (EVM) bytecode is available. In this respect, reverse engineering through disassemble and decompilation can be effective. ghidra-EVM is a Ghidra module for reverse engineering smart contracts. It can be used to download Ethereum Virtual Machine (EVM) bytecode from the Ethereum blockchain and disassemble and decompile the smart contract. Further, it can analyze creation code, find contract methods and locate insecure instructions. [hide][Hidden Content]]
  18. NinjaDroid NinjaDroid is a simple tool to reverse engineering Android APK packages. Overview: NinjaDroid uses a modified version of the Androguard AXMLParser (by Anthony Desnos) together with a series of other Python scripts (by Paolo Rovelli) based on aapt, keytool, string, and such to extract a series of information from a given APK package, such as: APK file info (i.e. file size, MD5, SHA-1, SHA-256 and SHA-512); App info (e.g. app name, package name, version, lists of permissions, list of Activities/Services/BroadcastReceivers, etc…); Digital certificate info (e.g. validity, serial number, fingerprint MD5, SHA-1, SHA-256, and signature), including certificate issuer/owner info (e.g. name, email, company, country, etc…); All the strings hard-coded into the classes.dex file; The URLs and shell command hard-coded into the classes.dex file; AndroidManifest file info (i.e. file size, MD5, SHA-1, SHA-256 and SHA-512); classes.dex file info (i.e. file size, MD5, SHA-1, SHA-256 and SHA-512); CERT.RSA/DSA file info (i.e. file size, MD5, SHA-1, SHA-256 and SHA-512); List of file entries (i.e. file name, file size, MD5, SHA-1, SHA-256, and SHA-512) in the APK package. Furthermore, NinjaDroid uses apktool and dex2jar, together with other Python scripts in order to extract from an APK package: classes.dex file; translated .jar file (thanks to dex2jar); disassembled smali files (thanks to apktool); AndroidManifest.xml file (thanks to apktool); CERT.RSA file; assets/ and res/ folders together with their content (thanks to apktool ); JSON and HTML report files, which contains all the extracted APK metadata. [hide][Hidden Content]]
  19. What you'll learn Debug programs with Cheat Engine Reverse engineer programs Solve CrackMe challenges Disassemble programs into assembly code Setting breakpoints and stepping through code Modify program behaviour Hacking and patching process memory Code Injection Writing Trainers (Loaders) Lua Scripting to hack memory Assembly scripting to do byte patching and more... This course includes: 2.5 hours on-demand video 10 downloadable resources Full lifetime access Access on mobile and TV Certificate of completion Requirements Windows PC Some Assembly or Lua background would help, but not mandatory Description If you had always wanted to learn how use hack a program's memory, to reverse engineer and debug software, then this is the course for you.This course is an introduction to Reverse Engineering for anyone who wants to get started in this field. It is suitable for software developers who want to learn how software works internally and also for reverse engineers who want to fix bugs where the source code is not available. Traditionally, we use tools like x64dbg, OllyDbg for reverse engineering and debugging. Howevever, those tools have their limitations as they rely on file patching to modify program behaviour. But what if the files could not be patched. Here Cheat Engine shines. Cheat Engine is a memory hacking tool. It is used by Gamers to hack games in order to cheat. Cheat Engine's main strength is its memory scanning, code injection, or process patching. This course will equip you with the knowledge and skill to use Cheat Engine in addition to whatever other tools you might already be familiar. It is also suitable for absolute beginners with no knowledge of reversing, as I will take you from zero to hero. In this course we will learn Cheat Engine by hacking CrackMe challenges. A CrackMe is a small program designed to test a programmer's reverse engineering skills. What you will learn How to disassemble programs into assembly code Dynamic Analysis Setting breakpoints and stepping through code Modify program behaviour Patching process memory Locating address to do memory patching Writing custom Memory Hackers (trainers) using Cheat Engine to hack and patch memory Creating Lua Scripts for process patching Break and Trace Cone Injection Direct Memory Patching and more... Prerequisites: Knowledge of Assembly would be helpful but not compulsory Windows PC Who this course is for: Beginners to Reverse Engineering Game Hackers who want to try their hand at hacking windows programs Programmers with want to learn debugging Students who want to know how programs work internally Anyone interested in learning how to hack and patch process memory [Hidden Content] [hide][Hidden Content]]
  20. Dexcalibur Dexcalibur is an Android reverse engineering platform focus on instrumentation automation. Its particularity is to use dynamic analysis to improve static analysis heuristics. It aims to automate boring tasks related to dynamic instrumentation, such as : Decompile/disass intercepted bytecode at runtime Write hook code and Manage a lot of hook message Search interesting pattern/things to hook Process data gathered by hook (dex file, invoked method, class loader, …) and so … But not only that, because Dexcalibur has its own static analysis engine and it is able to execute a partial piece of smali. Features and limitations Actually, the biggest limitation is Dexcalibur is not able to generate source code of hook targeting native function (into JNI library). However, you can declare manually a Frida’s Interceptor by editing a hook. Assuming Dexcalibur does not provide (for the moment) features to analyze native parts such as the JNI library or JNA, only features and limitations related to the Java part have been detailed. Analysis accuracy depends on the completeness of the Android API image used during the early steps of the analysis. That means, if you use a DEX file generated from the Android.jar file from Android SDK, some references to internal methods, fields, or classes from Android java API could be missing. Better results are obtained when the analysis starts from a “boot.oat” file extracted directly from a real device running the expected Android version. Changelog v0.7.8 Fixed issues : #43, #42 : Better detection and remediation of issues related to target platform and to target device Improvements : SmaliParser works on Windows Add support of Android API 30 [hide][Hidden Content]]
  21. Dexcalibur Dexcalibur is an Android reverse engineering platform focus on instrumentation automation. Its particularity is to use dynamic analysis to improve static analysis heuristics. It aims to automate boring tasks related to dynamic instrumentation Decompile/disass intercepted bytecode at runtime Write hook code and Manage a lot of hook message Search interesting pattern/things to hook Process data gathered by hook (dex file, invoked method, class loader, …) and so … But not only that, because Dexcalibur has its own static analysis engine and it is able to execute a partial piece of smali. Features and limitations Actually, the biggest limitation is Dexcalibur is not able to generate source code of hook targeting native function (into JNI library). However, you can declare manually a Frida’s Interceptor by editing a hook. Assuming Dexcalibur does not provide (for the moment) features to analyze native parts such as the JNI library or JNA, only features and limitations related to the Java part have been detailed. Analysis accuracy depends on the completeness of the Android API image used during the early steps of the analysis. That means, if you use a DEX file generated from the Android.jar file from Android SDK, some references to internal methods, fields, or classes from Android java API could be missing. Better results are obtained when the analysis starts from a “boot.oat” file extracted directly from a real device running the expected Android version. [hide][Hidden Content]]
  22. Beginning with a basic primer on reverse engineering-including computer internals, operating systems, and assembly language-and then discussing the various applications of reverse engineering, this book provides readers with practical, in-depth techniques for software reverse engineering. The book is broken into two parts, the first deals with security-related reverse engineering and the second explores the more practical aspects of reverse engineering. In addition, the author explains how to reverse engineer a third-party software library to improve interfacing and how to reverse engineer a competitor's software to build a better product. The first popular book to show how software reverse engineering can help defend against security threats, speed up development, and unlock the secrets of competitive products Helps developers plug security holes by demonstrating how hackers exploit reverse engineering techniques to crack copy-protection schemes and identify software targets for viruses and other malware Offers a primer on advanced reverse-engineering, delving into "disassembly"-code-level reverse engineering-and explaining how to decipher assembly language [Hidden Content] [hide][Hidden Content]]
  23. In this video we're going to review the widely used tool: OllyDbg. Ollydbg is a tool for debugging used for binary code analysis. It converts the binary language to an assembly language. Assembly language is an ISA (Instruction Set Architecture) based low level language which is user friendly and has an efficient code. It is an application to figure out the bugs in a program, troubleshoot it and run specific parts of it and see how it works. We talk about Pros and Cons of OllyDbg, how to install it and it's uses. [hide][Hidden Content]]
  24. Ethical Hacking: Social Engineering Pluralsight is not an official partner or accredited training center of EC-Council. This course will teach you about social engineering techniques attackers use to compromise systems, and the tools you can use to fight back. Description Pluralsight is not an official partner or accredited training center of EC-Council. Security defenses within information systems focus primarily on technology controls, that is, security is implemented within physical appliances and software. These controls are frequently bypassed when the humans themselves are compromised by a social engineering attack. Social engineering involves compromising the individuals that use these systems. Attackers look to exploit weaknesses in human nature and coerce people into performing actions which give the attacker an advantage. In this course, we'll look at various different social engineering techniques that can be used to compromise systems. We'll also look at both computer-based and behavior-based tools to help defend against this risk. This course is part of the Ethical Hacking Series. [Hidden Content] [Hidden Content] [hide][Hidden Content]]
  25. Wait, what's reverse engineering? Wikipedia defines it as: Reverse engineering, also called backwards engineering or back engineering, is the process by which an artificial object is deconstructed to reveal its designs, architecture, code, or to extract knowledge from the object. It is similar to scientific research, the only difference being that scientific research is conducted into a natural phenomenon. [hide][Hidden Content]]