
Leaderboard

Popular Content

Showing content with the highest reputation on 11/07/16 in all areas

  1. 1. Balbuzard: Balbuzard is a package of malware analysis tools in Python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc.). It can also crack malware obfuscation such as XOR, ROL, etc. by brute-forcing and checking for those patterns.
     2. de4dot: de4dot is an open source (GPLv3) .NET deobfuscator and unpacker written in C#. It will try its best to restore a packed and obfuscated assembly to almost the original assembly. Most of the obfuscation can be completely restored (e.g. string encryption), but symbol renaming is impossible to restore since the original names aren't (usually) part of the obfuscated assembly. It uses dnlib to read and write assemblies, so make sure you get it or it won't compile.
     3. FLOSS: FireEye Labs Obfuscated String Solver (FLOSS) uses advanced static analysis techniques to automatically deobfuscate strings from malware binaries.
     4. iheartxor: iheartxor can be used to brute-force XOR-encoded strings within a user-defined regular expression pattern (-r). The default search pattern is a regular expression that searches for data between null bytes ('\x00'). The tool can also be used to do a straight XOR on a file with -f file.name -k value. The value must be between 0x0-0x255.
     5. NoMoreXOR: NoMoreXOR helps guess a file's 256-byte XOR key by using frequency analysis.
     6. PackerAttacker: The Packer Attacker is a generic hidden code extractor for Windows malware. It supports the following types of packers: running from heap, replacing PE header, injecting in a process.
     7. unpacker: unpacker is an automated malware unpacker for Windows malware based on WinAppDbg.
     8. unxor: unxor will search through an XOR-encoded file (binary, text file, whatever) and use known-plaintext attacks to deduce the original keystream. Works on keys half as long as the known plaintext, in linear complexity.
     9. VirtualDeobfuscator: VirtualDeobfuscator is a reverse engineering tool for virtualization wrappers. The goal of the Virtual Deobfuscator is to analyze a runtrace and filter out the VM processing instructions, leaving a reverse engineer with a bytecode version of the original binary.
     10. XORBruteForcer: XORBruteForcer is a Python script that implements XOR brute-forcing of a given file, although a specific key can be used too. It's possible to look for a word in the XORed result, minimizing the output.
     11. XORSearch: XORSearch is a program to search for a given string in an XOR, ROL, ROT or SHIFT encoded binary file. XORSearch will try all XOR keys (0 to 255), ROL keys (1 to 7), ROT keys (1 to 25) and SHIFT keys (1 to 7) when searching.
     12. XORStrings: XORStrings will search for strings in the (binary) file you provide it, using the same encodings as XORSearch (XOR, ROL, ROT and SHIFT). For every encoding/key, XORStrings will search for strings and report the number of strings found, the average string length and the maximum string length.
     13. xortool: xortool is a Python script that will attempt to guess the XOR key length (based on the count of equal chars), as well as the key itself (based on knowledge of the most frequent char).
     If you know of any more deobfuscation tools that you think should be on this list, please let me know by leaving a comment on this post and I will get them added.
     Source: https://hackerlists.com/deobfuscation-tools/
     From the same blog: Android Reverse Engineering Tools - https://hackerlists.com/android-reverse-engineering-tools/
    2 points
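The XOR tools in the list above share two techniques: try every single-byte XOR (and ROL) key and look for a known pattern in the result (XORSearch, XORBruteForcer, iheartxor), and, for repeating multi-byte keys, guess the key length from how many equal bytes each key position sees and then recover each key byte from the most frequent byte in that position (xortool). The script below is an added example written for this post; it is not the code of any of the listed tools or of hackerlists.com. The sample buffer, the keys and the "most frequent plaintext byte is 0x00" assumption are all constructed for the demonstration (ROT and SHIFT encodings are left out for brevity).

```python
import re
from collections import Counter

# Constructed sample plaintext: a PE-style DOS stub message, a URL and long
# runs of zero padding, as seen in real binaries. Not taken from any sample.
PLAINTEXT = (
    b"This program cannot be run in DOS mode.\r\n"
    + b"\x00" * 200
    + b"http://update.example.test/payload.bin"
    + b"\x00" * 200
)

# Patterns worth looking for in a decoded buffer (in the spirit of XORSearch).
PATTERNS = [
    re.compile(rb"This program cannot be run in DOS mode"),
    re.compile(rb"https?://[A-Za-z0-9._/-]+"),
]


def xor_single(data: bytes, key: int) -> bytes:
    """XOR every byte with one key byte (0-255)."""
    return bytes(b ^ key for b in data)


def xor_repeating(data: bytes, key: bytes) -> bytes:
    """XOR with a repeating multi-byte key; the same call encodes and decodes."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def rol_bytes(data: bytes, bits: int) -> bytes:
    """Rotate every byte left by `bits` (1-7); rol by 8-n undoes rol by n."""
    return bytes(((b << bits) | (b >> (8 - bits))) & 0xFF for b in data)


def search_encodings(data: bytes, patterns=PATTERNS):
    """Try all 256 single-byte XOR keys and ROL 1-7, decode the whole buffer
    with each, and report every pattern hit as (encoding, key, offset, match)."""
    hits = []
    candidates = [("xor", k, xor_single(data, k)) for k in range(256)]
    candidates += [("rol", n, rol_bytes(data, n)) for n in range(1, 8)]
    for enc, key, decoded in candidates:
        for pat in patterns:
            for m in pat.finditer(decoded):
                hits.append((enc, key, m.start(), m.group()))
    return hits


def guess_key_length(data: bytes, max_len: int = 32) -> int:
    """xortool-style key length guess: for each candidate length, split the
    buffer into columns (bytes encoded with the same key byte) and score how
    strongly each column is dominated by its most common byte. Multiples of
    the true length score just as well, so the shortest length that comes
    close to the best score is taken."""
    scores = {}
    for length in range(1, max_len + 1):
        equal = 0
        for col in range(length):
            column = data[col::length]
            if column:
                equal += Counter(column).most_common(1)[0][1]
        scores[length] = equal / len(data)
    best = max(scores.values())
    return min(length for length, s in scores.items() if s >= 0.95 * best)


def guess_key(data: bytes, key_len: int, most_frequent_plain: int = 0x00) -> bytes:
    """Recover each key byte as (most common ciphertext byte in that column)
    XOR (assumed most frequent plaintext byte). 0x00 suits padded binaries,
    0x20 (space) suits text; the assumption is the analyst's to choose."""
    key = bytearray()
    for col in range(key_len):
        byte, _ = Counter(data[col::key_len]).most_common(1)[0]
        key.append(byte ^ most_frequent_plain)
    return bytes(key)


# Constructed encoded samples (keys chosen arbitrarily for the demo).
SINGLE_KEY = 0x5A
REPEATING_KEY = b"\x3c\xa7\x19\xe2\x58"
SAMPLE_XOR1 = xor_single(PLAINTEXT, SINGLE_KEY)
SAMPLE_ROL = rol_bytes(PLAINTEXT, 5)  # rol 5 == ror 3, so a rol-3 search undoes it
SAMPLE_XORN = xor_repeating(PLAINTEXT, REPEATING_KEY)

if __name__ == "__main__":
    for enc, key, off, match in search_encodings(SAMPLE_XOR1) + search_encodings(SAMPLE_ROL):
        print(f"{enc} key={key:#04x} offset={off}: {match!r}")
    length = guess_key_length(SAMPLE_XORN)
    key = guess_key(SAMPLE_XORN, length)
    print(f"guessed key length {length}, key {key.hex()}, "
          f"decoded ok: {xor_repeating(SAMPLE_XORN, key) == PLAINTEXT}")
```

The key-length scoring only works when the plaintext has a strongly skewed byte distribution (padding, ASCII text), which is exactly why these tools do well on packed executables and poorly on already-compressed or encrypted payloads; on such input every candidate length scores about the same and the guess is meaningless.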
  2. What niche is the page in? Maybe a link and some screenshots with statistics would help you sell.
    1 point
  3. --[ Tools and Basic Reverse Engineering
     --[ Extended Reverse Engineering
     --[ Introduction to Memory Corruption
     --[ Shellcoding
     --[ Format Strings
     --[ DEP and ROP
     --[ Secure Systems and Game Console Exploitation
     --[ Address Space Layout Randomization
     --[ Heap Exploitation
     --[ Misc Concepts & Stack Canaries
     --[ C++ Concepts and Differences
     --[ Kernel Exploitation
     --[ Exploitation on 64bit, ARM, Windows
     --[ Automation & The Future of Exploitation
     http://security.cs.rpi.edu/courses/binexp-spring2015/
    1 point
  4. @Andrei, if possible, a few questions about the projects mentioned here http://gov.ro/ro/stiri/cei-20-de-bursieri-ai-programului-govithub-intra-in-actiune . It may be that, having been out of the country for many years, I am out of touch with "reality"; if so, tell me: "The patient's friend – a working system for collecting patient feedback;" - somewhat like a massage on a wooden leg... to use "medical" terms? Any patient gives feedback, and it is relatively easy to collect and summarize. Aren't there other priorities, such as bribes, working hours, clueless medical staff, infections and the like? "Stop queues – a system for scheduling and informing people about the queues at counters." - how about eliminating the things that generate the queues? Bureaucracy, stupid laws, corruption, etc. "Business Start – an application that will explain the different legal forms in Romania, with advantages and disadvantages for entrepreneurs and in which cases they are recommended;" - is it just me, or is this a kind of fancier wiki? No application is needed; something like this can be done in Articulate Storyline or Captivate, and depending on what they choose - (their context) - they see the answers. It can then be published as HTML5, etc. "RoadRo – an application that lets citizens report driver abuses (initially illegal parking, later major traffic code violations);" - But aren't those who don't use smartphones being discriminated against? How about solving the problems that generate the illegal parking, traffic code violations, etc.? Building streets and highways, reforming the stupid traffic code, the strictness with which driving licences are granted, reining in the road kings who steal left and right, etc. Overall, it looks like the proverbial "gold ring in a pig's snout". But maybe I am just pessimistic, cynical, crazy and out of touch with reality... Later edit: reading material...
     https://republica.ro/znu-merge-sistemu-doamna-veniti-maine-ruina-unei-tari-bolnave-in-care-tu-vei-fi-singurul-vinovat-atunci
    1 point
  5. Table of Contents
     - Introduction
     - Authentication
       - Ensure Security of Standard and Default Accounts
       - Users Privilege Separation
       - Ensure Password Security
       - Enforce Password Security
       - Two Factor Authentication
       - Automatic Login and User Lists
       - Guest Accounts
       - Restrict Sudoers file
       - Automatically Lock the Login Keychain
     - General Configuration
       - Gatekeeper
       - Disable Diagnostics
       - Disable Handoff
       - Tracking Services
       - FileVault
       - Firewall
       - Require Administrator Password
       - Screensaver and Un-locking
       - Filename Extensions
       - System Updates
       - Prevent Safari from Opening Known File Types
       - Set Strict Global Umask
     - Technical Configuration
       - Disable Bluetooth
       - Firmware Password
       - Setuid and Setgid
       - Disable Core Dumps
     - Network and Communication Security
       - Advanced Firewall
       - Disable Wake on Lan
       - Disable Apple File Protocol (AFP)
       - Disable Unnecessary Services
       - Disable Sharing
       - Harden TCP/IP Kernel Parameters
       - Enable Network Time Synchronization via NTP
       - Disable Bonjour (mDNS)
     - Recommended Applications
       - Little Snitch
       - Micro Snitch
       - BlockBlock
       - Lockdown
       - RansomWhere?
       - Dylib Hijack Scanner
       - Lynis

     Introduction
     ERNW has compiled the most relevant settings for OS X 10.11 El Capitan into this compilation of security recommendations. This document is supposed to provide a solid base of hardening measures that enhance system security while remaining commonly applicable. Settings which might have a severe impact on the functionality of the operating system and need a lot of further testing are not part of this checklist or are marked as optional. We have marked each recommended setting in this checklist either with "mandatory" or "optional" to make a clear statement on which setting is a MUST (mandatory) or a SHOULD (optional) from our point of view. "Optional" also means that we recommend applying this setting, but there may be required functionality on the system that will become unavailable once the setting is applied. Important: This guide will force you to disable SIP (System Integrity Protection) a few times. After the hardening is done, please make sure you enable SIP again.
     Full article: https://github.com/ernw/hardening/blob/master/operating_system/osx/10.11/ERNW_Hardening_OS_X_EL_Captain.md
    1 point
  6. Guys, links are dead, can anybody reupload it?
    -2 points