Tweets

Javier Yuste Retweeted
Joshua Saxe
@joshua_saxe
28 Jan
1\ Surprisingly, you could build a very mediocre PE malware detector with a single PE feature: the PE compile timestamp. In fact, I built a little random forest detector that uses only the timestamp as its feature that gets 62% detection on previously unseen malware at a 1% FPR.

Javier Yuste Retweeted
LAB52
@LAB52io
17 Jan
This weekend we have to re-read these posts about Russian Cyber Intelligence Community securityartwork.es/2016/12/07/the… from @securityartwork ...and also we have to hang this picture. Don't ask us why... #Russia #APT #intelligence pic.twitter.com/nYWgFz3uN5

Javier Yuste Retweeted
Arvind Narayanan
@random_walker
4 Jan
People giving career advice should specify the sample that it's based on. Human nature is to overgeneralize from personal experience, so most advice should be considered suspect for being based on a sample size of 1. That's why there's so much conflicting advice on any topic.

Javier Yuste Retweeted
Ben Buchanan
@BuchananBen
3 Jan
My thanks to @HowellONeill for his kind coverage of my upcoming book, The Hacker and the State. It’s exciting to release the book at a moment when cyber operations seem more poised than ever to shape international affairs—for better or for worse. technologyreview.com/s/614974/hacke…

Javier Yuste Retweeted
Evan Walls
@fuzzwalls
12 Dec
All @devttyS0's IDA scripts have (finally) been ported to Ghidra. Woohoo! github.com/fuzzywalls/ghi…

Javier Yuste Retweeted
Rolf Rolles
@RolfRolles
28 Nov
Somehow I missed there's a whole Ph.D. thesis on symbolic abstraction: thakur.cs.ucdavis.edu/assets/pubs/th… Looks pretty readable, too.

Javier Yuste Retweeted
MalwareTech
@MalwareTechBlog
8 Nov
When the news broke about BlueKeep exploitation in the wild, most of the reactions were basically "it's not a worm, so it doesn't matter". I decided I'd do a thread on why that's wrong, and why a worm isn't even a worst case scenario.
THREAD:

Javier Yuste Retweeted
mich
@0x6d696368
4 Nov
Is there interest for something like Lumina for Ghidra?
A script that sends FID hashes as queries to a server which returns a function name and signature.
An additional script that allows uploading local FID hashes with associated function names and signatures. twitter.com/cveiche/status…

Javier Yuste Retweeted
mich
@0x6d696368
21 Oct
Pushed the results of the 160GiB libc collection analysis project to github.com/threatrack/ghi…
The repo now contains Function ID hashes for almost 1M functions. 959055... so close.
Anything more to add? More compiler libraries? twitter.com/0x6d696368/sta… pic.twitter.com/kNWP6uzEgK

Javier Yuste
@JavierYusteM
30 Sep
Yeah, that makes sense. Thanks!

Javier Yuste
@JavierYusteM
30 Sep
Does adding Microsoft uris bypass something? #Emotet pic.twitter.com/LLHG3ozSDr

Javier Yuste Retweeted
Lorenzo Cavallaro
@lcavallaro
16 Aug
Evasive attacks on ML classifiers are scary but we know little about adversarial ML in the problem space: we may need to rethink the whole formalization, incl. optimization and constraints for a principled approach - come and talk to us @USENIXSecurity poster session #usesec19 pic.twitter.com/WxaWElHiWa

Javier Yuste Retweeted
paπcake🎗🌱
@trufae
3 Aug
I just presented my Ghidra plugin at #BlackHat and pressed the “publish” button in github. Enjoy! github.com/radare/ghidra-…

Javier Yuste Retweeted
CryptoInsane
@CryptoInsane
31 Jul
Automated Deobfuscation of Android Native Binary Code
arxiv.org/pdf/1907.06828… pic.twitter.com/1BJadbVBlX

Javier Yuste Retweeted
NowSecure
@NowSecureMobile
31 Jul
During the @BlackHatEvents USA 2019 Mobile App Security Training we're releasing a plug-in for Ghidra that starts a r2web server and lets multiple r2 instances interact with it. Stay tuned! #BlackHat2019 @radareorg pic.twitter.com/gIXU4Ts3Ty

Javier Yuste Retweeted
Aleph Research
@alephsecurity
9 Jul
Researching obscure architectures sounds challenging to you? We thought so too, so we developed a disassembly and analysis plugin for #radare2 to make things easier! Read on to learn how we did it. alephsecurity.com/2019/07/09/xia…

Javier Yuste Retweeted
Cutter
@r2gui
28 Jun
We created a list of community plugins and scripts for Cutter 😎
From malware analysis to code coverage visualizers.
Check it out @ github.com/radareorg/cutt…
We invite you to write more plugins for Cutter following our documentation: cutter.re/docs/plugins

Javier Yuste Retweeted
Itay Cohen🌱
@megabeets_
24 Apr
My new article has just been published! 🚀 Deobfuscating the graphs of Ocean Lotus' (APT32) malware using Cutter and radare2 Python plugins.
Check it out @ research.checkpoint.com/deobfuscating-… | @radareorg @r2gui pic.twitter.com/eEZdvZ9Gv2

Javier Yuste
@JavierYusteM
21 Feb
Fixing a bug after 48 hours of pain feels so relieving

Javier Yuste
@JavierYusteM
6 Feb
Aesthetics pic.twitter.com/tFqn4HdmjT