This repository contains reverse-engineered (RCE'd) code recovered from the Stuxnet binaries with disassemblers and decompilers.
Many of you might find it wrong that both I and Mr. Amr Thabet copyrighted our code; I mean, it is "stolen" code extracted from malware binaries, right?
I understand that it might look silly, but both of us spent hundreds, if not thousands, of hours between ASM code trying to figure out what was behind those binaries, and we are providing the product of our hard work (i.e. readable C code) to you for free. It is not a simple job, nor a short one. Both our licenses are extremely permissive: you can do whatever you want with the code provided in this repository. The only thing I'd like to ask is that our work be recognized, and that when you use this code for analysis, blog posts, or a university thesis you show your support by giving us credit for what we did.
That's all. Thanks to all of you!
I've reverse engineered the power board from a Thinkpad 700C. The P/N is 35G4785, and the FRU number is 48G3712. A very similar or identical board is also present in the Thinkpad 700. The schematic isn't perfect. Open a bug report if you find a mistake. Not all components were identified. A number of parts did not have designators on the silkscreen, so I assigned them new ones starting at 300.
The circuit board has four layers and an aluminum core, presumably for heat dissipation.
Do not fabricate this design. The PCB layout is for reference only. There are ground plane cuts in layer User.9 that need to get transferred to the ground plane. There are minor footprint differences as well. There are still unidentified components in the bill of materials.
Did you know that Ghidra automatically detects and renders image and audio files embedded in a binary, including animated GIFs?
Open surprise in Ghidra for a nice surprise.
Build with make. I used CC=arm-linux-androideabi-gcc for the heck of it.
This is a playground (and dump) of stuff I made, modified, researched, or found for the Flipper Zero.
There's a lot of everything in here, from customized apps, BadUSB scripts, hardware specs for modders, GPIO interface shenanigans and interface pinouts, hardware troubleshooting, sound and music stuff, and sub-GHz captures and dissections for just about everything. It's an impressive collection.
A reverse-engineering tool for docker environments. Takes all network connections from your docker containers and can export them as:
OS-independent: it uses different strategies to get container connections. Produces a detailed connection graph with ports. Fast: scans ~400 containers in around 5 seconds. Right now only established and listening connections are listed.
This project aims to reproduce the LMSI CM-153 card needed to operate a Philips CM-100 CD-ROM drive. This drive was originally released in 1985 and used an early version of the LMSI protocol to connect. Later versions of LMSI cards, such as the CM-260, are not compatible with earlier drives (I do not know exactly what the compatibilities are), so an early card is required. The CM-153 is a very uncommon part to find due to its limited use, its high cost, and the fact that it was probably tossed out with the computer when upgraded, separated from its original drive.
Thanks to Roland, who has a working CM-100 and CM-153, we have some pretty high-quality reference images of what this card looks like. It uses all off-the-shelf 74-series logic chips and one 8251A UART controller. It should therefore be possible to recreate it without needing any rare chips or ROM dumps.
The card has been fully reverse engineered and tested to be functional. It has been demonstrated to work using this driver with a CM100 drive.
FISSURE is an open-source RF and reverse engineering framework designed for all skill levels with hooks for signal detection and classification, protocol discovery, attack execution, IQ manipulation, vulnerability analysis, automation, and AI/ML. The framework was built to promote the rapid integration of software modules, radios, protocols, signal data, scripts, flow graphs, reference material, and third-party tools. FISSURE is a workflow enabler that keeps software in one location and allows teams to effortlessly get up to speed while sharing the same proven baseline configuration for specific Linux distributions.
The framework and tools included with FISSURE are designed to detect the presence of RF energy, understand the characteristics of a signal, collect and analyze samples, develop transmit and/or injection techniques, and craft custom payloads or messages. FISSURE contains a growing library of protocol and signal information to assist in identification, packet crafting, and fuzzing. Online archive capabilities exist to download signal files and build playlists to simulate traffic and test systems.
A hex editor for reverse engineers, programmers and people who value their retinas when working at 3 AM. Full-featured hex editor. Byte patching. Patch management. Copy and paste byte sequences. String and hex pattern highlighting. Pattern matching DSL. Huge file support. Can disassemble 16 different architectures' code, and counting.
Omnivore is a cross-platform app for modern hardware (Linux, macOS and Windows) to work with executables or media images of Atari 8-bit, Apple ][+, and other retrocomputer machines and game consoles.
A FREE comprehensive reverse engineering course covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
Books, videos, and examples.
Assembled by DC540.
USBQ is a Python-based programming framework for monitoring and modifying USB communications. Uses the kernel module from USBiquitous to implement the MITM part in the USB stack. Really does need an external device to actually sit in between the device and the system to sniff the data. Hmm.
This repository contains helpful resources to receive signals transmitted from an Arduino 433 MHz transmitter with an RTL-SDR receiver using GNU Radio.
The project consists of two parts. In the first part, we reverse-engineer the protocol. In the second part, we implement a real-time receiver.
Binary Viewer is a tool for binary file discovery using visualizations that may highlight patterns.
SecretFinder is a Python script based on LinkFinder, written to discover sensitive data such as API keys, access tokens, authorization headers, JSON Web Tokens, and so forth in JavaScript files. It does so by using jsbeautifier for Python in combination with a fairly large regular expression.
LinkFinder is a Python script written to discover endpoints and their parameters in JavaScript files. This way penetration testers and bug hunters are able to gather new, hidden endpoints on the websites they are testing, resulting in new testing ground, possibly containing new vulnerabilities. It does so by using jsbeautifier for Python in combination with a fairly large regular expression, which is assembled from four smaller regular expressions.
Seems like it'd be useful for finding REST APIs to reverse engineer.
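To show what the LinkFinder/SecretFinder approach amounts to, here is an added example (not code from either project) that does the same two jobs on a constructed snippet of minified JavaScript: pull quoted endpoint strings out and split off their query parameters, then run a couple of secret-shaped regexes over the same text. The jsbeautifier pass the real tools run first is omitted here so the example has no dependencies; the sample script, the endpoint pattern and the two secret patterns (AWS access key ID prefix, three-part JWT) are simplifications written for this illustration, not the projects' regexes.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample of minified JavaScript. The key and token are
# placeholder-shaped strings made up for this example, not real credentials.
SAMPLE_JS = r'''
var api="/api/v1/users";fetch("https://example.com/api/v1/orders?id=1&mode=full");
const cfg={aws:"AKIAIOSFODNN7EXAMPLE",token:"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIn0.dozjgNryP4J3jVmNHl0w5N_XgL0n3I9PlFUP0THsR8U"};
$.get("./assets/app.js");load("../config/settings.json");
'''

# A quoted string that is either an absolute http(s) URL or a root/relative
# path. The backreference (?P=q) forces the closing quote to match the opener.
ENDPOINT_RE = re.compile(r'''
    (?P<q>["'`])                              # opening quote
    (?P<path>
        (?:https?://[^"'`\s]+)                # absolute URL
      | (?:\.{0,2}/[A-Za-z0-9_./?=&%:-]+)     # /path, ./path or ../path
    )
    (?P=q)                                    # matching closing quote
''', re.VERBOSE)

# Deliberately narrow secret patterns: a prefix-anchored key format and the
# header.payload.signature shape of a JWT (base64url segments, "eyJ" == '{"').
SECRET_RES = {
    "aws_access_key_id": re.compile(r'\b(?:AKIA|ASIA)[0-9A-Z]{16}\b'),
    "jwt": re.compile(r'\beyJ[A-Za-z0-9_-]+\.eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+'),
}


def find_endpoints(js: str) -> list[dict]:
    """Return unique endpoint strings with their query parameter names."""
    seen, out = set(), []
    for m in ENDPOINT_RE.finditer(js):
        path = m.group("path")
        if path in seen:
            continue
        seen.add(path)
        query = urlsplit(path).query
        params = [k for k, _ in parse_qsl(query, keep_blank_values=True)]
        out.append({"url": path, "params": params})
    return out


def find_secrets(js: str) -> list[tuple[str, str]]:
    """Return (pattern name, matched text) for every secret-shaped string."""
    hits = []
    for name, rx in SECRET_RES.items():
        for m in rx.finditer(js):
            hits.append((name, m.group(0)))
    return hits


if __name__ == "__main__":
    for ep in find_endpoints(SAMPLE_JS):
        print("endpoint:", ep["url"], "params:", ep["params"])
    for name, value in find_secrets(SAMPLE_JS):
        print("secret:", name, value)
```

Everything these patterns report is a candidate, not a finding: a matched path still has to be requested to see whether it is live, and a matched token still has to be checked against the issuing service. Widening the endpoint pattern (the real LinkFinder also accepts bare filenames with known extensions) raises recall at the cost of more noise from asset paths.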
A book that teaches the basics of reverse engineering software. CC-BY-SA. Has its own Git repo. Available in multiple languages.
Software for investigating unknown wireless protocols. Plug in an SDR and go. Helps you figure out how to demodulate signals, record and transmit signals, generate an overview, write or customize decoding routines to get a clearer picture, annotate and label the signals, fuzz devices (with a transmit-capable SDR), and run simulations of the protocols' state machines.
In the Arch Linux Community package collection.
A cheat-sheet for reverse engineering malware, by Lenny Zeltser.