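(New page: ==Warning== This document is meant to make it easy to find useful information when doing analysis and study. By the nature of a wiki document, it can be shared with 'anyone'...) |
Bunseokbot (talk | contribs) (Removed the unnecessary Contributor information and the related wording so that any trainee can edit and delete.) |
||
(7 intermediate revisions by 2 users not shown) | |||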
23번째 줄: | 23번째 줄: | ||
: 6. Awesome Papers: 특별히 참조해야 할 논문 혹은 Article | : 6. Awesome Papers: 특별히 참조해야 할 논문 혹은 Article | ||
: 7. TBD: 별도의 분류가 필요하다고 생각되는 경우 분류 신설 | : 7. TBD: 별도의 분류가 필요하다고 생각되는 경우 분류 신설 | ||
− | |||
− | |||
− | |||
=== To BoB === | === To BoB === | ||
31번째 줄: | 28번째 줄: | ||
* 논문을 추가할 때에는 반드시 직접 "읽어보고" 추가하기 바랍니다. | * 논문을 추가할 때에는 반드시 직접 "읽어보고" 추가하기 바랍니다. | ||
* S&P, ACMCCS, USENIX, NDSS 등의 권위있는 학회가 아니더라도 Awesome하다고 판단되면 등재할 수 있습니다. | * S&P, ACMCCS, USENIX, NDSS 등의 권위있는 학회가 아니더라도 Awesome하다고 판단되면 등재할 수 있습니다. | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
==Tools Installation== | ==Tools Installation== | ||
− | <b> | + | <b>Radare2: Libre and Portable Reverse Engineering Framework</b> |
https://rada.re/n/ | https://rada.re/n/ | ||
− | <b> | + | <b>HxD: Freeware Hex Editor and Disk Editor </b> |
https://mh-nexus.de/en/hxd/ | https://mh-nexus.de/en/hxd/ | ||
− | <b> | + | <b>Ghidra: A software reverse engineering (SRE) suite of tools developed by NSA </b> |
https://ghidra-sre.org/ | https://ghidra-sre.org/ | ||
− | <b> | + | <b>IDA-Freeware: State-of-the-art binary code analysis tools </b> |
https://hex-rays.com/ida-free/ | https://hex-rays.com/ida-free/ | ||
− | <b> | + | <b>Frida: Dynamic instrumentation toolkit</b> |
Main page : https://frida.re/ | Main page : https://frida.re/ | ||
Install guide : https://frida.re/docs/installation/ | Install guide : https://frida.re/docs/installation/ | ||
Release page : https://github.com/frida/frida/releases | Release page : https://github.com/frida/frida/releases | ||
− | <b> | + | <b>Windows Sysinternal: Various tools for windows OS</b> |
https://docs.microsoft.com/en-us/sysinternals/ | https://docs.microsoft.com/en-us/sysinternals/ | ||
− | <b> | + | <b>BurpSuite: HTTP(s) / WebSockets Proxy, Repeater, Decoder, Sequencer, and Comparer. </b> |
https://portswigger.net/burp/communitydownload | https://portswigger.net/burp/communitydownload | ||
− | <b> | + | <b>Jadx-gui: GUI based dex2java decompiler </b> |
https://github.com/skylot/jadx/releases | https://github.com/skylot/jadx/releases | ||
+ | |||
+ | <b>winAFL: A fork of AFL that uses different instrumentation approach which works on Windows </b> | ||
+ | https://github.com/googleprojectzero/winafl | ||
+ | |||
+ | <b>WireShark: World’s foremost and widely-used network protocol analyzer. </b> | ||
+ | https://www.wireshark.org/download.html | ||
+ | |||
+ | <b>Binwalk : A fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images. </b> | ||
+ | https://github.com/ReFirmLabs/binwalk | ||
+ | |||
+ | <b>Janus: Fuzzing File Systems via Two-Dimensional Input Space Exploration </b> | ||
+ | Git Link: https://github.com/sslab-gatech/janus | ||
+ | Paper Link: https://gts3.org/assets/papers/2019/xu:janus.pdf | ||
+ | |||
+ | <b>angr : platform-agnostic binary analysis framework (by Python) </b> | ||
+ | https://github.com/angr/angr | ||
==Useful Website== | ==Useful Website== | ||
− | <b> | + | <b> CyberChef: The Cyber Swiss Army Knife </b> |
https://gchq.github.io/CyberChef/ | https://gchq.github.io/CyberChef/ | ||
− | <b> | + | <b> Darkbyte: convert data in different ways (Encoding, Hash, no utf), </b> |
https://conv.darkbyte.ru/ | https://conv.darkbyte.ru/ | ||
− | <b> | + | <b> Sc2exe: Convert Shellcode into EXE format for debugging</b> |
http://sandsprite.com/sc2exe/shellcode_2_exe.php | http://sandsprite.com/sc2exe/shellcode_2_exe.php | ||
− | <b> | + | <b> CrackStation: Rainbow hash table attack DB</b> |
https://crackstation.net/ | https://crackstation.net/ | ||
− | <b> | + | <b> Online HEX to ARM Converter </b> |
https://armconverter.com/ | https://armconverter.com/ | ||
==Cheat Sheet== | ==Cheat Sheet== | ||
− | <b> | + | <b> Coder32: X86 Opcode and Instruction Reference Home </b> |
http://ref.x86asm.net/coder32.html | http://ref.x86asm.net/coder32.html | ||
− | <b> | + | <b> FridaCodeShare: Shared frida script project archive </b> |
https://codeshare.frida.re/l | https://codeshare.frida.re/l | ||
==CTF / Training Site== | ==CTF / Training Site== | ||
− | <b> | + | <b> CTF Time : Capture The Flag (CTF) competitions archive </b> |
https://ctftime.org/ | https://ctftime.org/ | ||
− | <b> | + | <b> HackTheBox : A Massive Hacking Playground </b> |
https://www.hackthebox.eu/ | https://www.hackthebox.eu/ | ||
+ | |||
+ | <b> dreamhack : hacker's playground </b> | ||
+ | https://dreamhack.io/ | ||
+ | |||
+ | <b> crackmes : download crackmes to improve your reverse engineering skills. </b> | ||
+ | http://crackmes.one/ | ||
==Information Sites== | ==Information Sites== | ||
− | <b> | + | <b> CVE List: Common Vulnerabilities and Exposures List </b> |
https://cve.mitre.org/ | https://cve.mitre.org/ | ||
− | <b> | + | <b> Mozilla Foundation Security Advisories </b> |
https://www.mozilla.org/en-US/security/advisories/ | https://www.mozilla.org/en-US/security/advisories/ | ||
==Awesome Papers== | ==Awesome Papers== | ||
− | <b> | + | <b> SoK: Eternal War in Memory </b> |
https://ieeexplore.ieee.org/abstract/document/6547101 | https://ieeexplore.ieee.org/abstract/document/6547101 | ||
− | <b> | + | <b> Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors </b> |
https://users.ece.cmu.edu/~yoonguk/papers/kim-isca14.pdf | https://users.ece.cmu.edu/~yoonguk/papers/kim-isca14.pdf |
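Review bot: the added crackmes entry links to http://crackmes.one/ over plain HTTP, while every other entry added in this revision (winAFL, WireShark, Binwalk, Janus, angr, dreamhack) uses https; switch it to https if the site serves it, since readers will download binaries from that link. The unchanged FridaCodeShare line in the same hunk ends in "/l", which looks like a stray character and is worth checking while this section is being touched. The new titles also mix "Name :" (Binwalk, angr, dreamhack, crackmes) and "Name:" (winAFL, WireShark, Janus) before the description; pick one form.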
Latest revision as of 21:32, 28 July 2021 (Wed)
Warning
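This document is intended to make it easy to find useful information when doing analysis and study. By the nature of a wiki document, it can be shared with 'anyone'. It is not closed. Within the BOB wiki, this document can be edited only by BOB-affiliated persons, but once it is shared externally anyone may edit it freely. However, when it is shared outside the BOB wiki, all responsibility arising from referencing or using the document lies with the person concerned.
When registering a new entry, write a short description of the site and its link. By default the short description is excerpted from the site's About or Main page; if there is none, write it yourself. If a single entry has two or more links, you may add a description for each link.
Links to the following kinds of documents are prohibited.
- 1. Illegally scanned copies or paid information (Commercial Article PDF, specific lectures, etc.)
- 2. Guidelines for illegal behavior (sharing Crack files, etc.)
- 3. Blogs run by individuals
- (However, posts belonging to a specific organization, such as Google Project Zero or Business Security Advisor, may be linked)
Links to the following kinds of documents are encouraged.
- 1. Tools Installation: official homepage and installation of a specific Tool
- 2. Useful Website: Web based tool
- 3. Cheat Sheet: reference information sheets for use while working
- 4. CTF / Training Site: sites or platforms related to CTF competitions
- 5. Information Sites: security information sites (CVE, Advisory)
- 6. Awesome Papers: papers or Articles that especially deserve reference
- 7. TBD: create a new category when a separate classification seems necessary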
To BoB
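- When adding a paper, be sure to actually "read" it yourself before adding it.
- Even if it is not from an authoritative venue such as S&P, ACMCCS, USENIX or NDSS, a paper may be listed if you judge it to be Awesome.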
Tools Installation
Radare2: Libre and Portable Reverse Engineering Framework https://rada.re/n/
HxD: Freeware Hex Editor and Disk Editor https://mh-nexus.de/en/hxd/
Ghidra: A software reverse engineering (SRE) suite of tools developed by NSA https://ghidra-sre.org/
IDA-Freeware: State-of-the-art binary code analysis tools https://hex-rays.com/ida-free/
Frida: Dynamic instrumentation toolkit Main page : https://frida.re/ Install guide : https://frida.re/docs/installation/ Release page : https://github.com/frida/frida/releases
Windows Sysinternals: Various tools for Windows OS https://docs.microsoft.com/en-us/sysinternals/
BurpSuite: HTTP(s) / WebSockets Proxy, Repeater, Decoder, Sequencer, and Comparer. https://portswigger.net/burp/communitydownload
Jadx-gui: GUI based dex2java decompiler https://github.com/skylot/jadx/releases
winAFL: A fork of AFL that uses a different instrumentation approach which works on Windows https://github.com/googleprojectzero/winafl
WireShark: World’s foremost and widely-used network protocol analyzer. https://www.wireshark.org/download.html
Binwalk : A fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images. https://github.com/ReFirmLabs/binwalk
Janus: Fuzzing File Systems via Two-Dimensional Input Space Exploration Git Link: https://github.com/sslab-gatech/janus Paper Link: https://gts3.org/assets/papers/2019/xu:janus.pdf
angr : platform-agnostic binary analysis framework (by Python) https://github.com/angr/angr
Useful Website
CyberChef: The Cyber Swiss Army Knife https://gchq.github.io/CyberChef/
Darkbyte: convert data in different ways (Encoding, Hash, no utf) https://conv.darkbyte.ru/
Sc2exe: Convert Shellcode into EXE format for debugging http://sandsprite.com/sc2exe/shellcode_2_exe.php
CrackStation: Rainbow hash table attack DB https://crackstation.net/
Online HEX to ARM Converter https://armconverter.com/
Cheat Sheet
Coder32: X86 Opcode and Instruction Reference Home http://ref.x86asm.net/coder32.html
FridaCodeShare: Shared frida script project archive https://codeshare.frida.re/l
CTF / Training Site
CTF Time : Capture The Flag (CTF) competitions archive https://ctftime.org/
HackTheBox : A Massive Hacking Playground https://www.hackthebox.eu/
dreamhack : hacker's playground https://dreamhack.io/
crackmes : download crackmes to improve your reverse engineering skills. http://crackmes.one/
Information Sites
CVE List: Common Vulnerabilities and Exposures List https://cve.mitre.org/
Mozilla Foundation Security Advisories https://www.mozilla.org/en-US/security/advisories/
Awesome Papers
SoK: Eternal War in Memory https://ieeexplore.ieee.org/abstract/document/6547101
Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors https://users.ece.cmu.edu/~yoonguk/papers/kim-isca14.pdf