Exercise NEPTUNE is an OSINT exercise where we conduct live OSINT operations (as friendly forces) on maritime units, in order to inform and improve cyber and information security in the industry, and to notice trends and possible attack vectors.
Use an HSM for SSH Keys
Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance.
This interactive brute force search space calculator allows you to experiment with password length and composition to develop an accurate and quantified sense for the safety of using passwords that can only be found through exhaustive search.
Cool. If I understand the LLVM code correctly, it's inserting the following instruction sequence into the code:
mov r11, [cookie]
xor r11, [rsp]
...
xor r11, [rsp]
cmp r11, [cookie]
jeq 2
int 3
int 3
ret
https://marc.info/?l=openbsd-cvs&m=152824407931917&w=2
Add RETGUARD to clang for amd64. This security mechanism uses per-function random cookies to protect access to function return instructions, with the effect that the integrity of the return address is protected, and function return instructions are harder to use in ROP gadgets.
On function entry the return address is combined with a per-function random cookie and stored in the stack frame. The integrity of this value is verified before function return, and if this check fails, the program aborts. In this way RETGUARD is an improved stack protector, since the cookies are per-function.
The verification routine is constructed such that the binary space immediately before each ret instruction is padded with int03 instructions, which makes these return instructions difficult to use in ROP gadgets. In the kernel, this has the effect of removing approximately 50% of total ROP gadgets, and 15% of unique ROP gadgets compared to the 6.3 release kernel. Function epilogues are essentially gadget free, leaving only the polymorphic gadgets that result from jumping into the instruction stream partway through other instructions. Work to remove these gadgets will continue through other mechanisms.
Remaining work includes adding this mechanism to assembly routines, which must be done by hand. Many thanks to all those who helped test and provide feedback, especially deraadt, tb, espie and naddy.
Reverse Engineering Cognition
September 2015
Topics: Cybersecurity, Technical Training
Maura K. Tennor, The MITRE Corporation
This paper presents the results of a literature review on the topic of Reverse Engineering Cognition under MITRE’s Internal Research and Development Portfolio. Resource material for this review was gathered by conducting a series of searches for journal articles, conference proceedings and a variety of Internet sources. The paper summarizes what we know today about how reverse engineering of binaries is performed at a cognitive and mechanical level, ties in related areas such as expertise and mental models, and suggests avenues for future research.