Tag: tool

In this blog post we present SightHouse, an open-source tool designed to assist reverse engineers by retrieving information and metadata from programs and identifying similar functions already known from other libraries, binaries or any other source codes that can be found online.

An introduction to Wirego, a tool for Wireshark plugin development

During an assumed breach ops via a virtual desktop interface, we discovered a wildcard allow firewall rule for the Azure Blob Storage service. We proved that even with restrictions in place, it was still possible to reach the Internet. Afterwards, we thought of abusing this firewall misconfiguration (recommended by Microsoft) in a much more useful way. To demonstrate that I built a SOCKS5 proxy that uses blobs to tunnel traffic to the target's internal network.

Following a brief introduction to differential fuzzing, this blog post reviews the leading tools that leverage it for testing cryptographic primitives. In the second half, we present a method for creating a differential fuzzer along with the results we obtained.

In this blog post we present crypto-condor, an open-source test suite for compliance testing of implementations of cryptographic primitives.

Analyzing an automotive ECU firmware is sometimes quite challenging, especially when you cannot emulate some of its most interesting functions to find vulnerabilities, like ECUs based on Renesas RH850 system-on-chips. This article details how we managed to add support for this specific architecture into Unicorn Engine, the various challenges we faced and how we successfully used this work to emulate and analyze a specific function during an assignment.

In this blogpost, we present Hydradancer, a new board for Facedancer based on HydraUSB3 allowing faster USB peripherals emulation.

Ever wanted to find a nice tool to easily represent cartography results and other graphs? The Sourcetrail tool could be a nice solution! In this blog post, we will introduce two of our tools: Numbat, a new Python API for Sourcetrail, and Pyrrha, a mapper collection for firmware cartography.

We announce the release of a new version of Blue Galaxy Energy, our white-box cryptanalysis tool implementing the BGE attack against AES. This version addresses the main limitations of the previous version.

We introduce a new white-box cryptanalysis tool based on the pioneering BGE paper but without known open source public implementation so far.