Browsing All Posts filed under »tools«

A new Course: “Software Exploitation via Hardware Exploitation”

January 31, 2014 by

9

For the last couple of years we’ve been teaching Practical ARM Exploitation. It’s sold out at every public offering (CanSecWest 2012 and BlackHat 2012 & 2013) and we’ve been fortunate enough to give it privately to a number of really amazing organizations. In 2011 we did a talk entitled “Hardware Hacking For Software People” at […]

The USB Condom

September 12, 2013 by

0

So a while back, @drakkhen and I were chatting and he suggested a simple device that would let him “airgap” his mobile devices from his computer but still use them for power. Like a “Charge-Only” USB cable but in an “adapter” form that you could use on normal USB Cables (the only previous alternative was […]

A Lackluster ‘Hack Cluster': ARM Exploitation Lab Preview

March 1, 2012 by

2

As we have announced in other blogposts we’ve been researching mobile platforms quite a bit (specifically those that use the ARM microprocessor). We compiled all of our notes on ARM reverse engineering and ARM exploitation and built a course called “Practical ARM Exploitation” that we will be publicly debuting this coming week at CanSecWest.  The […]

Hardware Hacking for Software People

August 25, 2011 by

7

For most of my career as a software developer/security researcher I’ve romanticized ‘hardware hacking’. In my late teens and early twenties as I was learning about software development and software security I would occasionally buy Nuts and Volts from Microcenter and read Karl Lunt‘s Amateur Robotics column. Having devoured William Gibson‘s oeuvre in my late […]

SMT Solvers Summerschool at MIT

June 20, 2011 by

0

Earlier this summer Beans attended the weeklong SMT Solver Summer school held at MIT campus in Boston, Mass. Over the last few years having seen some of the presentations by Pablo Sole on DEPLIB, blogposts by Sean Heelan, and having messed around a little bit with the REIL in BinNavi we were really curious to get a […]

Greyhat Ruby (Source Boston)

April 27, 2011 by

6

In 2011, I (Stephen A. Ridley) don’t plan on attending too many conferences that require far away travel for many reasons. 1) My work isn’t as interesting anymore ;-( and 2) I can’t travel as easily with Sammiches. With Boston being in the northeast (close to us) we decided we’d try SourceBoston out for the […]

WhoHasTlb? : Extracting TypeLib data from COM Objects

September 16, 2010 by

4

So let’s say that you’re sitting down to a project (perhaps a malware analysis gig, fuzzing something, or just reversing) and you realize that most of the target is implemented in COM/ActiveX Objects. What would really help you starting off on this project is a human readable version (IDL) of the TypeLib associated with the […]

Follow

Get every new post delivered to your Inbox.