Showing results for tags 'engineering'.


  1. Description Provides readers with a solid foundation in Arm assembly internals and reverse-engineering fundamentals as the basis for analyzing and securing billions of Arm devices Finding and mitigating security vulnerabilities in Arm devices is the next critical internet security frontier—Arm processors are already in use by more than 90% of all mobile devices, billions of Internet of Things (IoT) devices, and a growing number of current laptops from companies including Microsoft, Lenovo, and Apple. Written by a leading expert on Arm security, Blue Fox: Arm Assembly Internals and Reverse Engineering introduces readers to modern Armv8-A instruction sets and the process of reverse-engineering Arm binaries for security research and defensive purposes. Divided into two sections, the book first provides an overview of the ELF file format and OS internals, followed by Arm architecture fundamentals, and a deep-dive into the A32 and A64 instruction sets. Section Two delves into the process of reverse-engineering itself: setting up an Arm environment, an introduction to static and dynamic analysis tools, and the process of extracting and emulating firmware for analysis. The last chapter provides the reader a glimpse into macOS malware analysis of binaries compiled for the Arm-based M1 SoC. Throughout the book, the reader is given an extensive understanding of Arm instructions and control-flow patterns essential for reverse engineering software compiled for the Arm architecture. 
Providing an in-depth introduction into reverse-engineering for engineers and security researchers alike, this book:
     • Offers an introduction to the Arm architecture, covering both AArch32 and AArch64 instruction set states, as well as ELF file format internals
     • Presents in-depth information on Arm assembly internals for reverse engineers analyzing malware and auditing software for security vulnerabilities, as well as for developers seeking detailed knowledge of the Arm assembly language
     • Covers the A32/T32 and A64 instruction sets supported by the Armv8-A architecture with a detailed overview of the most common instructions and control flow patterns
     • Introduces known reverse engineering tools used for static and dynamic binary analysis
     • Describes the process of disassembling and debugging Arm binaries on Linux, and using common disassembly and debugging tools
Blue Fox: Arm Assembly Internals and Reverse Engineering is a vital resource for security researchers and reverse engineers who analyze software applications for Arm-based devices at the assembly level.
  2. Learn how to hack accounts & personal devices (Windows, Mac OS X, Linux & Android) & how to secure yourself from hackers. What you’ll learn Hack updated & patched systems (Windows, Linux, OS X, and Android). Generate undetectable backdoors for Windows, Mac OS X, Linux & Android. Generate malware to steal all passwords from Windows & Linux. Embed malware in Microsoft Office documents. Backdoor Android applications. Make evil files (backdoors/keyloggers) look and function like regular files (image, pdf, or any other file type). Manually modify malware to bypass anti-virus programs. Advanced malware delivery techniques (through fake pages, emails, indirect notifications….etc.) She advanced post-exploitation. Discover websites, companies, people, emails, and social networking accounts associated with a person or a company. Install hacking lab & needed software (on Windows, OS X, and Linux) Install Kali Linux – a penetration-testing operating system Install windows & vulnerable operating systems as virtual machines for testing Learn Linux basics Learn Linux commands and how to interact with the terminal Build attack strategies based on the gathered info Generate a remote keylogger that logs every critical strike entered on a target computer and sends reports by email. Backdoor Debian packages for Linux Generate OS X backdoors that look and function like regular files (image, pdf ..etc.). Hack OS X and Linux computers by using a simple one-line command. Send emails from ANY email account. Create fake websites that look exactly like any other website. Create a fake login page and use it to steal passwords. Use clever social engineering techniques to make the target person willingly use our fake website. Deliver malware as fake updates, fake installers ..etc. Read, write, download, upload, and execute files on compromised systems. Capture critical strikes on compromised systems. Use a compromised computer as a pivot to hack other computers on the same network. 
Maintain your access to the hacked systems even after restarting. Escalate your privileges to admin. Analyse files & detect undetectable malware. Use a sandbox to analyze undetectable malware. Access messages, social accounts, cameras, GPS …..etc. Of the hacked phones. Requirements Basic IT Skills No Linux, programming, or hacking knowledge is required. Computer with a minimum of 4GB ram/memory Operating System: Windows / OS X / Linux Description Note: The contents of this course are not covered in any of my other methods except for some basics. Although social engineering is covered in one of my other courses, that course only covers the basics. In contrast, this course dives much more profound into this topic covering more techniques, more operating systems, advanced exploitation, advanced post-exploitation, bypassing security, and more! Welcome to this comprehensive course on Social Engineering! In this course, you will start as a beginner with no previous hacking knowledge. By the end, you’ll be at a high level in social engineering, able to hack into all major operating systems (Windows, OS X, Linux, and Android) like black-hat hackers and secure yourself from hackers. This course is focused on the practical side of social engineering without neglecting the theory. First, you’ll learn how to install the software (on Windows, Linux, and Mac OS X). Then, the course is divided into several sections to represent the steps you’d take to successfully hack a target using social engineering. Learn Social Engineering From Scratch 1. Information Gathering – First, before doing anything, you need to know your target; in this section, you’ll learn how to gather information about your target, whether it is a company, website, or just a person. 
You will learn how to discover anything that is associated with your target, such as websites, links, companies, users, emails, phone numbers, friends, social networks accounts …etc.; you will also learn how to graph all of this information and use it to build an intelligent attack strategy. 2. Delivery Methods – Now that you have your custom-made trojan ready, in this section, you will learn several social engineering techniques to deliver it to the target; you will learn how to create fake websites that look identical to websites the target trusts, send emails that appear like they’re coming from people the target beliefs and use fake login pages and fake updates to hack into the target, you’ll also learn advanced social engineering techniques to lure the prey into visiting a malicious URL and hack into their system without even interacting with them. 3. Post Exploitation – In this section, you will learn how to interact with the systems you compromised, whether they use Windows, Linux, OS X, or Android. You’ll learn how to access the file system (read/write/upload/execute), maintain your access, escalate your privileges, spy on the target, use the target computer as a pivot to hack other computers, and more! If your target uses Android, you’ll also learn how to read their messages, find their location, access their other accounts (such as Whatsapp, Facebook …etc.), and more! Finally, at the end of the course, you will learn how to protect yourself and your systems from these attacks. All the attacks in this course are practical attacks that work against real computers; in each technique, you will understand the theory behind it and how it works, and then you’ll learn how to use that technique in a real-life scenario so by the end of the course you’ll be able to modify these techniques or combine them to come up with more powerful attacks and adapt them to different scenarios and different operating systems. 
With this course, you’ll get 24/7 support, so if you have any questions, you can post them in the Q&A section, and we’ll respond to you within 15 hours. Notes: This course is created for educational purposes only, and all the attacks are launched in my lab or against devices I have permission to test. This course is a product of Zaid Sabih & Security; no other organization is associated with it or a certification exam. Although you will receive a Course Completion Certification from Udemy, apart from that, NO OTHER ORGANIZATION IS INVOLVED.
Who this course is for:
     • People who want to learn ethical hacking / social engineering
     • People who want to learn how hackers hack into secure systems that do not have any vulnerabilities
     • Anybody who wants to learn how to secure their systems from social engineering attacks
  3. Social engineering is the term used for a broad range of malicious activities accomplished through human interactions. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information.
     • Course Requirement
     • Setting Up Hacking Lab
     • What Is Social Engineering
     • Gathering Information
     • Phishing
     • Hack Computer
     • Hack Android
     • Kali Linux
     • Redirect your Victim to Malicious Website
  4. apk.sh is a Bash script that makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding, and patching an APK.
     Features: apk.sh basically uses apktool to disassemble, decode and rebuild resources and some bash to automate the frida gadget injection process. It also supports app bundles/split APKs.
     • 🍄 Patching APKs to load frida-gadget.so on start.
     • 🆕 Support for app bundles/split APKs.
     • 🔧 Disassembling resources to nearly original form with apktool.
     • 🔩 Rebuilding decoded resources back to binary APK/JAR with apktool.
     • 🗝️ Code signing the apk with apksigner.
     • 🖥️ Multiple arch support (arm, arm64, x86, x86_64).
     • 📵 No rooted Android device is needed.
     Requirements: apktool, apksigner, unxz, zipalign, aapt, adb
  5. MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz | Language: German | Size: 2.64GB | Duration: 3h 45m
     A perfect introduction to the topic.
     What you'll learn:
     • You get to know all 32 and 64 bit registers
     • You get to know all register commands
     • Which protection software is behind the exe
     • Dealing with IDA, X92DBG, Cutter, Die, Ghidra, Procdot, PROCMON
     • Dealing with Cheat Engine
     Requirements: PC
     Have you always wanted to get started with reverse engineering? Then this course is the right introductory course for reverse engineering. Here you will learn how to test your EXE for vulnerabilities, how to bypass anti-debuggers and how assembler code is structured. However, before you start hacking, you first need to find out what the program was written in and what obfuscator or protection software was used to protect the program. Then let's look at all the assembler commands and register entries in theory and in practice. You will also get to know the registry and learn how to pentest program trial versions. Of course, Procdot and Procmon, Fakenet-ng, which record all activities, including which server the program accesses, how often it does it, which files it creates, which files it changes due to the response from the server, etc., should not be missing. We can then evaluate these later and find out where individual values are stored and who owns the server and what the website is called. Of course, Cheatengine, Ghidra and IDA pro also help us, so that our effort is significantly reduced. As you can see, this course is a perfect introduction to the topic of reverse engineering.
  6. Intro
     Basics of data extraction (4 videos)
       1. Is scraping legal?
       2. Data extraction methods
       3. Scraping DOM with code (PHP)
       4. Scraping DOM without code
       5. Extract data visually, without code
     1. Scraping Instagram for profit (3 videos)
       1. Deep dive #1
       2. Deep dive #2
       3. Putting it all together
     2. Scraping Shopify for profit
       1. Collecting keywords on the Shopify app store
       2. Fetching results, ratings and reviews from the Shopify App Store
     3. Find leads with technical marketing (5 videos)
       1. Scraping competitor reviews (with code)
       2. Exporting leads to a spreadsheet (with code)
       3. Scraping competitor reviews (without code)
       4. Using the power of Google to find lists of leads
       5. Finding leads through technology lookups
     4. Proxying requests (3 videos)
       1. Intro to proxies
       2. Proxying requests (no code)
       3. Setting up a data collector (no code)
  7. Social Engineering: How Crowdmasters, Phreaks, Hackers, and Trolls Created a New Form of Manipulative Communication.
  8. efiXplorer – IDA plugin for UEFI firmware analysis and reverse engineering automation.
     Supported versions of Hex-Rays products: every time we focus on the last versions of IDA and Decompiler because we are trying to use the most recent features from new SDK releases. That means we tested only on recent versions of Hex-Rays products and do not guarantee stable work on previous generations.
     Why not IDApython: all code is developed in C++ because it’s a more stable and performant way to support a complex plugin and get the full power of the most recent SDK’s features.
     Supported Platforms: Win, Linux, and OSX (x86/x64).
  9. Beginner Learning Materials on Reverse Engineering Video Games
     Here is a compiled list based on personally recommended learning materials to help people with the process of learning how to reverse engineer video games. I hope it will help others spend more time learning and less time searching. The majority of the collected resources here will be focused on reversing PC games on the Microsoft Windows operating system with x86 assembly in mind over x64 as it is easier to learn. Reverse engineering video games is more often than not related to "game hacking"; they come and go together, so don't be surprised if some of the learning materials come from such sites/sources.
  10. Cutter is a Qt and C++ GUI for radare2. Its goal is making an advanced, customizable and FOSS reverse-engineering platform while keeping the user experience in mind. Cutter is created by reverse engineers for reverse engineers.
     Disclaimer: Cutter is not aimed at existing radare2 users. It instead focuses on those who are not yet radare2 users because of the learning curve, because they don’t like CLI applications or because of the difficulty/instability of radare2.
     Changelog v2.1.2
     • Generate and deploy a real source tarball including submodule contents (Fix ) ()
     • Fix build on 32-bit systems. ()
     • Do not check “Built from source” in bug report template by default.
     • Memory leak fix in basic block highlighter.
     • Construct and destruct CutterCore singleton locally (Fix ) ()
     • Remove direct download from update check ()
     • Update rizin to stable v0.4.1
  11. How to Avoid Social Engineering and Phishing Attacks

     Because of the lockdown caused by the COVID-19 virus, the skills and quantity of hackers have increased a lot, and they are now doing a lot of illegal things to scam and hack others to get money. Most people are victims of two tricks, social engineering and phishing attacks; these scams look so simple and appealing that one believes in them and becomes their victim. Here you'll learn about social engineering and phishing attacks, and how to avoid them so that you can stay secure.

     What is Social Engineering?
     Social engineering is easy to understand: the hacker uses his social skills to trick you and get your information. While talking to you, the hacker will try to appear to be a good, respectable person; the victim starts trusting the hacker and gives him enough information that the hacker can infiltrate the victim's banks and devices. These hackers are very smart and good with their skills, and they'll make the victim trust them.

     What is a Phishing Attack?
     A phishing attack is a type of social engineering. In a phishing attack, however, the hacker doesn't communicate with the victim; he tricks the victim with a website that has free offers. When someone opens the website and gives their info to get the free things, the hacker takes that info and uses it to go further and breach the victim's privacy.

     How to Identify a Phishing Attack?
     • Always check the sender's mail address or the website domain before entering any sensitive information. Phishing sites mostly contain suspicious mail or unusual domain names (e.g. .gr, .os, .do, etc.). Only trust domains with .com, .org, or your country domain name (such as .in for India).
     • A hacker doing phishing attacks will never give any contact information to you, so always check whether there is any way to contact the site. If there is nothing to contact on the website, don't trust it.
     • A lot of hackers, while doing a phishing attack, make many grammar mistakes and create an unusual or ugly layout. So if you see any grammar mistakes on the site, exit the site as soon as possible.
     • Never download anything from unknown sources. The website will try to convince you to download a file and run it; this is the most used method to spread malware. Only download from trusted or verified sources.

     How can you Avoid Becoming a Victim of Phishing Attacks and Social Engineering?
     • Don't trust anyone being too polite, chatting unnecessarily, or asking for too much info, whether on a call, by SMS or by mail.
     • If someone claims to be from an organization, always verify his identity before engaging with him.
     • Never provide your personal information to anyone other than the organization's legitimate persons.
     • Never reveal your financial status to anybody; if the hacker gets to know about it, he'll try every possible thing to make you a victim.
     • Never give any permission to unknown sources or websites. If you allow even a single permission to hackers, they can hack your entire device.
     • Use Multi-Factor Authentication on every account you have. In case you become a victim, the hacker won't be able to log in to your accounts easily.
     • Use anti-virus services; anti-viruses help a lot to save you from hacker attacks.

     Conclusion
     Hackers are getting more advanced, not day by day but every hour; every single hour they are looking for new things and learning new things to hack. Never trust anybody, and don't be greedy and give your personal information to others. And if you think you've been hacked, change the password of everything, close every bank account and report the attack to the police or cybercrime.
  12. pwndbg (/poʊndbæg/) is a GDB plug-in that makes debugging with GDB suck less, with a focus on features needed by low-level software developers, hardware hackers, reverse-engineers and exploit developers.
     Why? Vanilla GDB is terrible to use for reverse engineering and exploit development. Typing x/g30x $esp is not fun, and does not confer much information. The year is 2022 and GDB still lacks a real hexdump command! GDB's syntax is arcane and difficult to approach. Windbg users are completely lost when they occasionally need to bump into GDB.
  13. This framework helps with Flutter apps reverse engineering using the patched version of the Flutter library which is already compiled and ready for app repacking. This library has a snapshot deserialization process modified to allow you to perform dynamic analysis in a convenient way.
     Key features:
     • socket.cc is patched for traffic monitoring and interception;
     • dart.cc is modified to print classes, functions, and some fields;
     • display absolute code offset for functions;
     • contains minor changes for successful compilation;
     • if you would like to implement your own patches, manual Flutter code change is supported using a specially crafted Dockerfile.
     Supported engines: Android: arm64, arm32; iOS: arm64; Release: Stable, Beta
  14. Cutter is a Qt and C++ GUI for radare2. Its goal is making an advanced, customizable and FOSS reverse-engineering platform while keeping the user experience in mind. Cutter is created by reverse engineers for reverse engineers.
     Disclaimer: Cutter is not aimed at existing radare2 users. It instead focuses on those who are not yet radare2 users because of the learning curve, because they don’t like CLI applications or because of the difficulty/instability of radare2.
     Changelog v2.1
     Additions
     • Adds signatures widget for managing FLIRT signatures
     • Supports and bundles SigDB, a library of FLIRT signatures for commonly found libraries
     • Bundles the new Yara plugin to apply and create yara rules
     • Bundles Apple Swift demangler
     • Adds option to fill missing bytes with nops when editing an instruction
     • Adds hexeditor option to write hex bytes
     • Adds option to add comments directly from hexdump widget
     • Uses RzAnnotatedCode with JSDec for colored output with semantic information
     • Adds double click to seek to global variable in decompiler widget
     • Adds report issue button in “About”
     • Many internal rizin commands have been translated to their C equivalent
     • Enables console redirection on Windows
     Bugfixes
     • Adds missing Rizin headers in Python bindings
     • Fixes gdbserver segfault
  15. Social engineering tool [Access Webcam & Microphone & Location Finder] With Python.
     Features:
     • Get Device Information Without Any Permissions
     • Access Location [SMARTPHONES]
     • Access Webcam
     • Access Microphone
  16. HookCase is a tool for debugging and reverse engineering applications on macOS (aka OS X), and the operating system itself. It re-implements and extends Apple’s DYLD_INSERT_LIBRARIES functionality. It can be used to hook any method in any module (even non-exported ones, and even those that don’t have an entry in their own module’s symbol table). In a single operation, it can be applied to a parent process and all its child processes, whether or not the child processes inherit their parent’s environment. So HookCase is considerably more powerful than DYLD_INSERT_LIBRARIES. It also doesn’t have the restrictions Apple has placed on DYLD_INSERT_LIBRARIES. So, for example, HookCase can be used with applications that have entitlements. HookCase supports interpose hooks. But it also supports another, more powerful kind of hook that we call “patch hooks”. These can hook calls to a method named in its module’s symbol table, including ones that come from the same module. They can also hook calls to an unnamed method (one that isn’t in its module’s symbol table), by specifying the method’s address in its module. So they can be used with non-exported (aka private) methods (named and unnamed) — ones not intended for use by external modules. Patch hooks are so-called because we set them up by “patching” the beginning of an original method with a software interrupt instruction (int 0x30). HookCase’s kernel extension handles the interrupt to implement the hook. This is analogous to what a debugger does when it sets a breakpoint (though it uses int 3 instead of int 0x30). Software interrupts are mostly not used on BSD-style operating systems like macOS and OS X, so we have plenty to choose among. For now, we’re using those in the range 0x30-0x34. Whatever their disadvantages, interpose hooks are very performant. They’re implemented by changing a pointer, so they impose no performance penalty whatsoever (aside from the cost of whatever additional code runs inside the hook). 
Patch hooks can be substantially less performant — if we have to unset the breakpoint on every call to the hook, then reset it afterward (and protect these operations from race conditions). But this isn’t needed for methods that start with a standard C/C++ prologue in machine code (which is most of them). So most patch hooks run with only a very small performance penalty (that of a single software interrupt). HookCase is compatible with DYLD_INSERT_LIBRARIES and doesn’t stomp on any of the changes it may have been used to make. So a DYLD_INSERT_LIBRARIES hook will always override the “same” HookCase interpose hook. This is because Apple often uses DYLD_INSERT_LIBRARIES internally, in ways it doesn’t document. HookCase would likely break Apple functionality if it could override Apple’s hooks. But this doesn’t apply to patch hooks. Since Apple doesn’t use them, we don’t need to worry about overriding any that Apple may have set. If an interpose hook doesn’t seem to work, try a patch hook instead. (Unless you write them to do so, neither interpose hooks nor patch hooks inherently change the behavior of the methods they hook.) HookCase is compatible with lldb and gdb: Any process with HookCase’s interpose or patch hooks can run inside these debuggers. But you may encounter trouble if you set a breakpoint and a patch hook on the same method, or try to step through code that contains a patch hook. HookCase runs on OS X 10.9 (Mavericks) through macOS 10.15 (Catalina).
     Changelog v6.0.3
     macOS 12.4 once again broke HookCase, by making changes that normally only happen in major releases. This time none of the breakage was caused by changes to internal kernel structures (though some of those used by HookCase did change). Instead it was caused by two changes in behavior. HookCase 6.0.3 works around them. For more information see Issue #34.
  17. efiXplorer – IDA plugin for UEFI firmware analysis and reverse engineering automation.
     Supported versions of Hex-Rays products: every time we focus on the last versions of IDA and Decompiler because we are trying to use the most recent features from new SDK releases. That means we tested only on recent versions of Hex-Rays products and do not guarantee stable work on previous generations.
     Why not IDApython: all code is developed in C++ because it’s a more stable and performant way to support a complex plugin and get the full power of the most recent SDK’s features.
     Supported Platforms: Win, Linux, and OSX (x86/x64).
     Changelog v4.1
     • [new feature] Improved SMI handlers recognition to support: SxSmiHandler, IoTrapSmiHandler, UsbSmiHandler, etc.
     • [new feature] Improved child SW SMI handlers recognition and now annotated as ChildSwSmiHandler.
     • [new feature] Added visual representation for NVRAM variables and additional context in JSON report: address, service name, var name and var GUID.
     • [bug fix] Numerous improvements and bug fixes in code analyzer and firmware image loader
     • Moving to support of IDA SDK v7.7
  18. Bytecode Viewer is an Advanced Lightweight Java Bytecode Viewer, GUI Java Decompiler, GUI Bytecode Editor, GUI Smali, GUI Baksmali, GUI APK Editor, GUI Dex Editor, GUI APK Decompiler, GUI DEX Decompiler, GUI Procyon Java Decompiler, GUI Krakatau, GUI CFR Java Decompiler, GUI FernFlower Java Decompiler, GUI DEX2Jar, GUI Jar2DEX, GUI Jar-Jar, Hex Viewer, Code Searcher, Debugger and more. There is also a plugin system that will allow you to interact with the loaded classfiles, for example, you can write a String deobfuscator, a malicious code searcher, or something else you can think of. You can either use one of the pre-written plugins or write your own. It supports groovy scripting. Once a plugin is activated, it will execute the plugin with a ClassNode ArrayList of every single class loaded in BCV, this allows the user to handle it completely using ASM. Code from various projects has been used, including but not limited to: J-RET by WaterWolf JHexPane by Sam Koivu RSynaxPane by Robert Futrell Commons IO by Apache ASM by OW2 FernFlower by Stiver Procyon by Mstrobel CFR by Lee Benfield CFIDE by Bibl Smali by JesusFreke Dex2Jar by pxb1..? Krakatau by Storyyeller JD GUI/JD Core by The Java-Decompiler Team Enjarify by Storyyeller Key Features: Krakatau Integration for Bytecode assembly/disassembly. Smali/BakSmali Integration – You can now edit class files/dex files via smali! APK/DEX Support – Using Dex2Jar and Jar2Dex it’s able to load and save APKs with ease! Java Decompiler – It utilizes FernFlower, Procyon, and CFR for decompilation. Bytecode Decompiler – A modified version of CFIDE’s. Hex Viewer – Powered by JHexPane. Each Decompiler/Editor/Viewer is toggleable, you can also select what will display on each pane. Fully Featured Search System – Search through strings, functions, variables and more! A Plugin System With Built-In Plugins – (Show All Strings, Malicious Code Scanner, String Decrypters, etc) Fully Featured Scripting System That Supports Groovy. 
EZ-Inject – Graphically insert hooks and debugging code, invoke main and start the program. Recent Files & Recent Plugins. And more! Give it a try for yourself!
     Changelog v2.11.2
     Notable Changes
     • Java 18/19 support – @ThexXTURBOXx
     • Security Manager has been adjusted to work on Java 18+ – @ThexXTURBOXx
     • ASM update for Java 19 support – @ThexXTURBOXx
     • Added Croatian, Czech, Bulgarian, Danish and Serbian translations – @Konloch
     • Fixed running precompiled plugins – @Lucaskyy
     • CFR interface improvements – @GraxCode / @ThexXTURBOXx
     • Procyon update – @ThexXTURBOXx
     • FernFlower update – @ThexXTURBOXx
     • Jadx update – @ThexXTURBOXx
     • Dependency updates and fixes – @ThexXTURBOXx
     • Bytecode Disassembler improvements & additions – @GraxCode
     • General bug fixes and improvements – @Konloch / @ThexXTURBOXx / @GraxCode
     • And more!
     Thank you to everyone who has contributed to this patch. @ThexXTURBOXx / @Konloch / @GraxCode / @Lucaskyy
  19. Description *Get the Official Certificate after Completing the Course Learn Malware Analysis and Reverse Engineering Deeply with CRMA+ 2022 Course. Breaking something down and putting it back together is a process that helps people understand how things were made. A person would be able to redo and reproduce an origami by unfolding it first. Knowing how cars work requires understanding each major and minor mechanical part and their purposes. The complex nature of the human anatomy requires people to understand each and every part of the body. How? By dissecting it. Reverse engineering is a way for us to understand how things were designed, why is it in its state, when it triggers, how it works, and what its purpose is. In effect, the information is used to redesign and improve for better performance and cost. It can even help fix defects. It is amazing, and rather disconcerting, to realize how much software we run without knowing for sure what it does. We buy software off the shelf in shrink wrapped packages. We run setup utilities that install numerous files, change system settings, delete or disable older versions and superseded utilities, and modify critical registry files. Every time we access a Website, we may invoke or interact with dozens of programs and code segments that are necessary to give us the intended look, feel, and behaviour. We purchase CDs with hundreds of games and utilities or download them as shareware. We exchange useful programs with colleagues and friends when we have tried only a fraction of each program’s features. Then, we download updates and install patches, trusting that the vendors are sure that the changes are correct and complete. We blindly hope that the latest change to each program keeps it compatible with all of the rest of the programs on our system. We rely on much software that we do not understand and do not know very well at all. I refer to a lot more than our desktop or laptop personal computers. 
The concept of ubiquitous computing, or “software everywhere,” is rapidly putting software control and interconnection in devices throughout our environment. The average automobile now has more lines of software code in its engine controls than were required to land the Apollo astronauts on the Moon.
Malware analysis is the study of malware’s behaviour. The objective of malware analysis is to understand the working of malware and how to detect and eliminate it. It involves analysing the suspect binary in a safe environment to identify its characteristics and functionalities so that better defences can be built to protect an organization’s network. Imagine if the Trojan Horse was thoroughly inspected and torn down before it was allowed to enter the gates of a city. This would probably cause a few dead soldiers outside the gate fighting for the city. The next time the city is sent another Trojan Horse, archers would know where to point their arrows. And no dead soldiers this time. The same is true for malware analysis—by knowing the behaviours of a certain malware through reverse engineering, the analyst can recommend various safeguards for the network. Think of it as the Trojan Horse being the malware, the analyst being the soldier who initially inspected the horse, and the city being the network of computers.
Who this course is for:
    • Beginner Reverse Engineers who are curious about learning Reverse Engineering
    • Beginner Malware Analysts who are curious about learning Malware Analysis
Requirements
    • Basic Computer Understanding
  20. Description
As Android security is trending nowadays, it’s very necessary to learn about reverse engineering Android applications. This short course will give you a firm foundation to start your journey in Android reverse engineering. Firstly, we will be covering some of the most used tools in Android reverse engineering. Then we will move on to topics like decompiling, understanding smali and patching applications, etc. You will learn to extract the decompiled source code and understand the working of the application. Unlike other courses, we won’t be wasting half of our time setting up labs. We will be diving straight into our topics. Similarly, I won’t be wasting your time by explaining unwanted kinds of stuff and theory which don’t do any help.
This is a highly practical course so we will understand mostly everything reversing our custom-made crackme applications rather than just looking at theory and slides. Unlike earlier days, many applications are built using React Native and Flutter. So we will reverse Flutter and React Native applications too. We will also be reversing .so objects using tools like Ghidra. After completing this course I’m sure that you will develop the foundation to reverse, understand and patch basic Android applications. You will be able to do basic Android reverse engineering challenges.
NOTE: This is an ongoing course; remaining contents will be added weekly.
Who this course is for:
    • CTF Players
    • Bug Hunters
    • Security Enthusiasts
    • Anyone who’s interested in Android Reverse Engineering
Requirements
    • Some programming background is assumed
    • Windows PC
  21. Bytecode Viewer is an Advanced Lightweight Java Bytecode Viewer, GUI Java Decompiler, GUI Bytecode Editor, GUI Smali, GUI Baksmali, GUI APK Editor, GUI Dex Editor, GUI APK Decompiler, GUI DEX Decompiler, GUI Procyon Java Decompiler, GUI Krakatau, GUI CFR Java Decompiler, GUI FernFlower Java Decompiler, GUI DEX2Jar, GUI Jar2DEX, GUI Jar-Jar, Hex Viewer, Code Searcher, Debugger and more. It’s written completely in Java, and it’s open source. It’s currently being maintained and developed by Konloch.
There is also a plugin system that will allow you to interact with the loaded classfiles. For example, you can write a String deobfuscator, a malicious code searcher, or something else you can think of. You can either use one of the pre-written plugins or write your own. It supports Groovy scripting. Once a plugin is activated, it will execute the plugin with a ClassNode ArrayList of every single class loaded in BCV; this allows the user to handle it completely using ASM.
Code from various projects has been used, including but not limited to:
    • J-RET by WaterWolf
    • JHexPane by Sam Koivu
    • RSynaxPane by Robert Futrell
    • Commons IO by Apache
    • ASM by OW2
    • FernFlower by Stiver
    • Procyon by Mstrobel
    • CFR by Lee Benfield
    • CFIDE by Bibl
    • Smali by JesusFreke
    • Dex2Jar by pxb1..?
    • Krakatau by Storyyeller
    • JD GUI/JD Core by The Java-Decompiler Team
    • Enjarify by Storyyeller
Key Features:
    • Krakatau Integration for Bytecode assembly/disassembly.
    • Smali/BakSmali Integration – You can now edit class files/dex files via smali!
    • APK/DEX Support – Using Dex2Jar and Jar2Dex it’s able to load and save APKs with ease!
    • Java Decompiler – It utilizes FernFlower, Procyon, and CFR for decompilation.
    • Bytecode Decompiler – A modified version of CFIDE’s.
    • Hex Viewer – Powered by JHexPane.
    • Each Decompiler/Editor/Viewer is toggleable, you can also select what will display on each pane.
    • Fully Featured Search System – Search through strings, functions, variables and more!
    • A Plugin System With Built-In Plugins – (Show All Strings, Malicious Code Scanner, String Decrypters, etc)
    • Fully Featured Scripting System That Supports Groovy.
    • EZ-Inject – Graphically insert hooks and debugging code, invoke main and start the program.
    • Recent Files & Recent Plugins.
    • And more! Give it a try for yourself!
  22. It is a tool for reverse engineering 3rd party, closed, binary Android apps. It can decode resources to the nearly original form and rebuild them after making some modifications; it makes it possible to debug smali code step by step. Also, it makes working with the app easier because of project-like file structure and automation of some repetitive tasks like building apk, etc.
Features
    • Disassembling resources to the nearly original form (including resources.arsc, classes.dex, 9.png, and XMLs)
    • Rebuilding decoded resources back to binary APK/JAR
    • Organizing and handling APKs that depend on framework resources
    • Smali Debugging (Removed in 2.1.0 in favor of IdeaSmali)
    • Helping with repetitive tasks
Changelog v2.6.1
    • Begin options refactor by @iBotPeaches in #2648
    • fix: decoding references to private resources by @MrIkso in #2650
    • fix: support for signature scheme v4 by @iBotPeaches in #2705
    • Replace use of deprecated methods with their recommended replacements by @alsutton in #2713
    • Update dependencies by @Goooler in #2715
    • Cleanup trailing temp files/folders by @iBotPeaches in #2742
    • fix: prevent file hold on tmpDir during build by @iBotPeaches in #2745
    • refactor: drop unused exceptions by @iBotPeaches in #2746
    • Preventing instantiation of untrusted classes. by @iBotPeaches in #2760
  23. APK Lab
The ultimate Android RE experience right inside your VS Code. APKLab seamlessly integrates the best open-source tools: Apktool, Jadx, uber-apk-signer, and more to the excellent VS Code so you can focus on app analysis and get it done without leaving the IDE.
Features
    • Decode all the resources from an APK
    • Disassemble the APK to Dalvik bytecode aka Smali
    • Decompile the APK to Java source
    • Analyze & Hack effectively with feature-rich VS Code
    • Build an APK from Smali and resources
    • Sign the APK seamlessly during the build
    • Install the APK directly from VS Code
    • Support for Apktool-style projects (apktool.yml)
    • Support for most Apktool CLI arguments
    • Android resource frameworks management (Coming soon!)
    • Support for user-provided keystore for APK signing
    • Download and configure missing dependencies
    • Excellent Smali language support with Smalise
    • Supports Linux, Windows, and Mac
Changelog v1.6
Added
    • Jadx updated to v1.3.2
    • (ci) more tests
Fixed
    • fixed an issue related to Windows cd command (thanks @Forgo7ten)
    • (ci) attempt to fix quark tests on Windows (again!)
    • (dev) fixed the webpack-problem-matcher extension name
    • (dev) updated deps