برچسب: reverse engineering

After a sold-out course last year at Blackhat, we are back with an updated version of our course with additional coverage of ARM64, mobile browser security, and more in-depth coverage of Mobile apps and operating system security. The class starts with a basic introduction to the ARM instruction set and calling conventions followed by some reverse engineering exercises.  We then learn how to write simple exploits for the ARM64 environment. Next, we move to Mobile browser security, understand some of the browser mitigations followed by writing some simple exploits for the mobile browser. We then cover iOS and Android internals in further detail. We then discuss some of the exploitation techniques using real-world vulnerabilities (e.g., voucher_swap, checkm8, etc) followed by a walkthrough of how jailbreaks are written. We also discuss some of the common vulnerability types (Heap Overflows, Use-after-free, Uninitialized Stack variable, Race conditions). We will also look at how to build the Android kernel, customize it using Kernel tunables and then use a 1-day vulnerability to gain kernel r/w access. The training then moves on to application security based on exploiting the Damn Vulnerable iOS app, Android-lnsecureBankv2, and lnsecurePass application written by the authors of this course in addition to a broad range of other real-world applications. We then cover a variety of mitigations deployed in real-world apps and discuss how to bypass them. Slides, videos and detailed documentation on the labs will be provided to the students for practice after the class. Corellium access will be provided to students during the duration of the training course.

Syllabus

  • Introduction to ARM64 and Mobile Browser Security [2 modules]
  • iOS Exploitation
  • Android Exploitation

Offensive Mobile Reversing And Exploitation (2021)

ادامه مطلب

The NSA spent years developing Ghidra as its own internal reverse engineering suite. Now, thanks to the Technology Transfer Program, these powerful capabilities are readily available to the world. With support for dozens of architectures, Ghidra is rapidly gaining popularity as a tool of choice for analyzing compiled code. Ghidra’s extensibility through Java and Python scripting make it ideal for malware analysis and vulnerability research tasks. This class is a hands-on, example-driven introduction to reverse engineering with Ghidra. Attendees will learn the basics of using Ghidra to analyze executables before diving into examples of progressively more sophisticated reverse engineering countermeasures. As topics are introduced, students will reinforce what they’ve learned by solving reverse engineering challenges. Students may work independently or in groups to solve any of the introduced Capture the Flag style challenges. On the first day of this course, students will get familiar with Ghidra and how to create projects and import files. Students will learn how to analyze a program, follow its execution flow, and start customizing the disassembly and associated pseudocode. New for 2022, students will also get hands on time using the Ghidra’s debugger integration as well as newly updated support for binary patching. As we analyze more complicated examples, students will learn about basic tricks malware developers use to obscure functionality. We’ll look at how to identify strings being crafted within code, as well as dealing with code hidden in data sections to escape analysis. These examples will help illustrate how different options and built-in tools are used to improve analysis results. The second day brings more complicated challenges, including layered obfuscation and encryption. The lessons on this day will review in greater detail how to use the Python interpreter in Ghidra. Students will ultimately design and use custom Python scripts to analyze real malware.

BHEU21 – Reverse Engineering with Ghidra (2021)

ادامه مطلب

Through OALABS we want to bring you the kind of reverse engineering tutorials that we wished we had when we were first learning to analyze malware. With Patreon we offer access to a wide variety of tutorials and workshops aimed at all skill levels. Our RE101 level tutorials cover important topics like how to setup a malware analysis lab, as well as reverse engineering fundaments like learning assembly, and how to use a debugger. Our RE201 level tutorials cover malware analysis specific topics like how to bypass anti-analysis checks in malware, and how to resolve dynamic imports. Our RE504 level tutorials cover advanced reverse engineering topics like how to bypass software protectors such as Themida, and VMProtect. Patreon also allows us to maintain a set of free publicly available malware analysis tutorials on YouTube as well as weekly malware analysis streams on Twitch.

ادامه مطلب

Reversing Hero course is a very good course for people who want to learn reverse engineering from beginner to intermediate level. This course consists of 12 hours of video, the degree of difficulty of which increases step by step, and also in the Reversing Hero course, you have to try to solve the given exercises by yourself, and if you are completely stuck, you can watch the video of the solution to the exercise.

Reversing Hero

ادامه مطلب

In this CSP course, you will apply all the knowledge and skills taught in the CSL course to crack real software.  Real software are commercial proprietary software.  We are doing this for educational purposes and not to harm software developers. This skill and knowledge benefits developers in that they are better able to secure their software. The concept is similar to ethical hacking – the only way to defend against hackers is to know how hackers break in. Similarly, for software security. The best way to improve software security is to learn how software is being cracked.

ادامه مطلب

Cracking Software Legally (CSL) course is reverse engineering training and software penetration testing legally. In this course, you will learn about reverse engineering and Assembly language. Also, this course will provide valuable information for people who work in the field of Malware Analysis and Exploit Development. Gives.

Syllabus

  1. Introduction
  2. Creating a Sandbox for Cracking Software
  3. Introduction to crackme’s
  4. Introduction to x64dbg and Detect it Easy (DIE)
  5. Setting up your cracking workspace and workflow
  6. Debugger Stepping Basics
  7. Stepping Into Calls
  8. Breakpoint
  9. Reversing Jumps
  10. How to patch a program
  11. Summary of Cracking Software Workflow
  12. Introduction to cracking gui-based programs
  13. Analyzing the PE for a gui-based program
  14. Crack the Serial Key using BP on strings
  15. Windows api functions & the stack
  16. Patching to bypass wrong serial key message
  17. Setting Breakpoints on Intermodular Calls
  18. Setting BP from the Call Stack
  19. Cracking Registration File Checks
  20. Removing Nag Screens
  21. Cracking Trial Period Software
  22. Cracking Auto-Generated Serial Keys
  23. Removing Nag Screen by TDC
  24. Cracking by patching eax register values
  25. Cracking via Hardware Breakpoints
  26. How to Change Serial Key By Patching Memory Directly
  27. xAnalyzer Static Code Analyzer
  28. Serial Fishing – how to extract serial key
  29. Cracking Software Protection
  30. Cracking software using loaders
  31. Cracking Software’s Anti-Debugging Protection
  32. Cracking Software that has a combination of Packing Anti-Debugging
  33. Keygens
  34. Assembly Language Programming for Reversers
  35. Creating an External Keygen
  36. Cracking Visual Basic 6 Native compiled software
  37. Cracking VB6 p-code Software
  38. x64dbg tools usage
  39. Cracking .NET Framework Software (C# and VB.NET)
  40. Cracking .NET Software Protection
  41. Understanding the Process of De-obfuscation
  42. Cracking DLL’s

Cracking Software Legally (CSL)

ادامه مطلب