This technique analysis will walk through three examples to help explain the process of hooking functions to retrieve useful information as well as modifying functions to a researcher’s benefit.
We developed and now share a windbg script to ease the vulnerability and exploit analysis process. This technique can be used in general to aid in the research of win32k vulnerabilities.
This guide will walk you through this process step by step, using the recent research on the semi Personal Robot as a case study.
This blog will walk through some automation developed to facilitate patch diffing and is as well as a discussion of how to obtain the before and after files for a given patch, rather than the actual process of patch diffing.
Privacy is both important and difficult to achieve today. To complicate matters, some data needs to be recoverable in a secure way. Fortunately, there is another option that can meet all requirements.
When analyzing a piece of malware, or reversing a CTF challenge, it’s common to find functions that are implementing a given algorithm that you want to apply to arbitrary data.
In this Tools and Techniques article, we will be relying on Python 3 to solve some of these challenges.
Ever wondered how SCADA or ICS systems actually work? This short paper focuses on a demo unit we built and the security risks that can accompany these often overlooked environments.
Rewatched “the Matrix” and wondering what glitching is? In this context, it’s not Déjà vu, but a technique to bypass hardware checks and get a root prompt. In this guide, we apply it to U-Boot.
Watchdog timers can be the bane of exploit-developers existence. We detail techniques to halt, kill, or bypass watchdog timers, even in cases where there are redundant WDTs.
Unpin developer supplied certificates to decrypt app data over SSL (Android versions 7-10)
This simple guide details some of the common tools, configuration steps, and issues data scientists might uncover as they begin to build their first machine learning models and applications.
An in-depth “how-to” guide on cross-compiling legacy systems, for when you can’t seem to find the necessary tools to automate the process.
Unpin developer supplied certificates to decrypt app data over SSL (Android versions 4-6)
This whitepaper details an innovative just-in-time jamming technique developed by Trellix Advanced Threat Research and demonstrates a unique use case for an attack against a popular garage door.