Preface

What is this and why does it exist?

The links, the content behind them, and the opinions expressed there are not mine.
If you follow an external link and do not like what you find there, that is your problem, not mine.
Please be aware that this is just a list of topics I find interesting.

All mentioned security tools can be found here: https://github.com/MrMarco74/security-geraffel



Tools

Android application hooking tool based on VirtualApp
–> VirtualHook - github <–

Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.
–> PRET - github <–

Scripts for fetching the Strava database
–> Whitequark - github <–

DebugView++, collect, view and filter your application logs
–> DebugViewPP - github <–

This is a malware manipulation environment for OpenAI’s gym
–> gym-malware - github <–




Talks & Knowledge

Reverse engineering and exploiting Samsung’s TrustZone
–> Reverse engineering and exploiting Samsung’s TrustZone - medium <–

A collection of reverse engineering challenges for learning about the Android operating system and mobile security.
–> android-crackme-challenge - github <–

Unpacking GandCrab Ransomware
–> Unpacking GandCrab Ransomware - secrary <–

This project is designed to provide an example of building a simple stack-based virtual machine from scratch. It is implemented in C++.
–> Stack-VM - github <–

Shows binary characteristics typical for Spectre POC samples
–> Detect Spectre POC samples - Hybrid-Analysis <–

OWASP ZSC is open source software written in Python that lets you generate customized shellcode and convert scripts into obfuscated scripts. It runs on Windows/Linux/OSX under Python.
–> OWASP ZSC Tool Project - OWASP <–

Linux Kernel Runtime Guard (LKRG) is a loadable kernel module that performs runtime integrity checking of the Linux kernel and detection of security vulnerability exploits against the kernel.
–> Linux Kernel Runtime Guard - Openwall <–




Threats

CrossRAT keylogging malware targets Linux, macOS & Windows PCs
–> CrossRAT - HackRead <–

GandCrab Ransomware Distributed by Exploit Kits, Appends GDCB Extension
–> GandCrab Ransomware - BleepingComputer <–

Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability
–> CVE-2018-0101 - CISCO <–

Let’s Encrypt - Phishing Pages Hidden in “well-known” Directory
–> ./well-known/ Folder Phishing Pages - SecurityWeek <–