Presentation for Roadshow of Cyber Security Marathon 2018
Mozilla Community Space
Jakarta, 2018-01-20
How many of you know firmware?
Then how many of you know that firmware can be reversed?
Let's see how can we do that.
CS266 Software Reverse Engineering (SRE)
Introduction to Software Reverse Engineering
Teodoro (Ted) Cipresso, teodoro.cipresso@sjsu.edu
Department of Computer Science
San José State University
Spring 2015
CS266 Software Reverse Engineering (SRE)Reversing and Patching Wintel Machine Code
Teodoro (Ted) Cipresso, teodoro.cipresso@sjsu.edu
Department of Computer Science
San José State University
Spring 2015
Software Reverse Engineering in a Security ContextLokendra Rawat
Software Reverse Engineering in a Security Context (ncrisc 2018) this research paper was proposed in university event and it's targeted audience was junior students and anyone who doesn't have a clue on reverse engineering , also useful for developers because this will help them to understand execution of their developed applications on low level and malicious person able to exploit their applications
Software Reverse Engineering in a Security Context (ncrisc 2018)Lokendra Rawat
https://drive.google.com/open?id=152zyh8NsPD3razOdgm5AY4QTzHTHTPCJ
NCRISC (2nd National Conference on Recent innovation in Software and Computer 2018)
Introduction and importance of reverse engineering in security related issues with the help of examples and exploit development references and learning resources for beginners.
Presentation for Roadshow of Cyber Security Marathon 2018
Mozilla Community Space
Jakarta, 2018-01-20
How many of you know firmware?
Then how many of you know that firmware can be reversed?
Let's see how can we do that.
CS266 Software Reverse Engineering (SRE)
Introduction to Software Reverse Engineering
Teodoro (Ted) Cipresso, teodoro.cipresso@sjsu.edu
Department of Computer Science
San José State University
Spring 2015
CS266 Software Reverse Engineering (SRE)Reversing and Patching Wintel Machine Code
Teodoro (Ted) Cipresso, teodoro.cipresso@sjsu.edu
Department of Computer Science
San José State University
Spring 2015
Software Reverse Engineering in a Security ContextLokendra Rawat
Software Reverse Engineering in a Security Context (ncrisc 2018) this research paper was proposed in university event and it's targeted audience was junior students and anyone who doesn't have a clue on reverse engineering , also useful for developers because this will help them to understand execution of their developed applications on low level and malicious person able to exploit their applications
Software Reverse Engineering in a Security Context (ncrisc 2018)Lokendra Rawat
https://drive.google.com/open?id=152zyh8NsPD3razOdgm5AY4QTzHTHTPCJ
NCRISC (2nd National Conference on Recent innovation in Software and Computer 2018)
Introduction and importance of reverse engineering in security related issues with the help of examples and exploit development references and learning resources for beginners.
Reverse Engineering - Protecting and Breaking the SoftwareSatria Ady Pradana
First upload.
Introduction to reverse engineering. The focus of this presentation is software or code, emphasizing on common practice in reverse engineering of software
Reverse Engineering: Protecting and Breaking the SoftwareSatria Ady Pradana
Presentation on Let's Secure Your Code
Universitas Muhammadiyah Surakarta
Surakarta, 2017-05-01
Introduction to Reverse Engineering.
This presentation is focusing on software or code, emphasizing on common practice in reverse engineering of software.
(Workshop) Reverse Engineering - Protecting and Breaking the SoftwareSatria Ady Pradana
Workshop on May 2, 2017.
This workshop is a small introductory to reverse engineering with C# and CIL as focus.
The crackme: https://pastebin.com/AS8NEtLc
The challenge: https://pastebin.com/Tb0MutfK
Reverse Engineering: Protecting and Breaking the Software (Workshop)Satria Ady Pradana
Workshop on Let's Secure Your Code
Universitas Muhammadiyah Surakarta
Surakarta, 2017-05-02
This workshop is a small introductory to Reverse Engineering, with C# and CIL as focus.
The crackme: https://pastebin.com/AS8NEtLc
The challenge: https://pastebin.com/Tb0MutfK
Building Large Scale PHP Web Applications with Laravel 4Darwin Biler
Learn how Laravel 4 can be leveraged to its fullest by making use of its powerful design patterns, specifically IoC Container and Dependency Injection.
Dear students get fully solved assignments
Send your semester & Specialization name to our mail id :
“ help.mbaassignments@gmail.com ”
or
Call us at : 08263069601
Hibernate training at HarshithaTechnologySolutions @ NizampetJayarajus
HTS is a professionally managed IT Software Development and Consulting company offering services in the area of Software Development, Software Integration, Web Solutions, Outsourcing Services, Technical Staff Augmentation. Our business approach models provide our clients the highest quality services at significantly reduced costs.
<a />Hibernate</a>
Hibernate weekends Training is an Object-Relational Mapping (ORM) solution for JAVA and it raised as an open source persistent framework created by Gavin King in 2001. Hibernate weekends Training is a powerful, high performance Object-Relational Persistence and Query service for any Java Application. Hibernate Training maps Java classes to database tables and from Java data types to SQL data types and relieve the developer from 95% of common data persistence related programming tasks. Hibernate sits between traditional Java objects and database server to handle all the work in persisting those objects based on the appropriate O/R mechanisms and patterns.
Checkout for schedules
Contact Us:
Flat No: 2A, 2B, Livingston Estate,
Beside Andhra Bank, NIzampet Main Road, Hyderabad-85.
Phone: +91-40-42020378.
info@harshithatechnologies.com
Designing Malware for Modern Red Team and Adversary Tradecraft.
Why using python for building malware?
Lesson learn and consideration.
as presented in PyCon ID 2021 (05/12/2021)
Reverse Engineering - Protecting and Breaking the SoftwareSatria Ady Pradana
First upload.
Introduction to reverse engineering. The focus of this presentation is software or code, emphasizing on common practice in reverse engineering of software
Reverse Engineering: Protecting and Breaking the SoftwareSatria Ady Pradana
Presentation on Let's Secure Your Code
Universitas Muhammadiyah Surakarta
Surakarta, 2017-05-01
Introduction to Reverse Engineering.
This presentation is focusing on software or code, emphasizing on common practice in reverse engineering of software.
(Workshop) Reverse Engineering - Protecting and Breaking the SoftwareSatria Ady Pradana
Workshop on May 2, 2017.
This workshop is a small introductory to reverse engineering with C# and CIL as focus.
The crackme: https://pastebin.com/AS8NEtLc
The challenge: https://pastebin.com/Tb0MutfK
Reverse Engineering: Protecting and Breaking the Software (Workshop)Satria Ady Pradana
Workshop on Let's Secure Your Code
Universitas Muhammadiyah Surakarta
Surakarta, 2017-05-02
This workshop is a small introductory to Reverse Engineering, with C# and CIL as focus.
The crackme: https://pastebin.com/AS8NEtLc
The challenge: https://pastebin.com/Tb0MutfK
Building Large Scale PHP Web Applications with Laravel 4Darwin Biler
Learn how Laravel 4 can be leveraged to its fullest by making use of its powerful design patterns, specifically IoC Container and Dependency Injection.
Dear students get fully solved assignments
Send your semester & Specialization name to our mail id :
“ help.mbaassignments@gmail.com ”
or
Call us at : 08263069601
Hibernate training at HarshithaTechnologySolutions @ NizampetJayarajus
HTS is a professionally managed IT Software Development and Consulting company offering services in the area of Software Development, Software Integration, Web Solutions, Outsourcing Services, Technical Staff Augmentation. Our business approach models provide our clients the highest quality services at significantly reduced costs.
<a />Hibernate</a>
Hibernate weekends Training is an Object-Relational Mapping (ORM) solution for JAVA and it raised as an open source persistent framework created by Gavin King in 2001. Hibernate weekends Training is a powerful, high performance Object-Relational Persistence and Query service for any Java Application. Hibernate Training maps Java classes to database tables and from Java data types to SQL data types and relieve the developer from 95% of common data persistence related programming tasks. Hibernate sits between traditional Java objects and database server to handle all the work in persisting those objects based on the appropriate O/R mechanisms and patterns.
Checkout for schedules
Contact Us:
Flat No: 2A, 2B, Livingston Estate,
Beside Andhra Bank, NIzampet Main Road, Hyderabad-85.
Phone: +91-40-42020378.
info@harshithatechnologies.com
Designing Malware for Modern Red Team and Adversary Tradecraft.
Why using python for building malware?
Lesson learn and consideration.
as presented in PyCon ID 2021 (05/12/2021)
Man in the Middle, classic but still relevant.
What is MITM? How to achieve it? What impact it have?
Find out MITM in this presentation (Jakarta, 25/07/2020)
Preparation, Activities, Challenges.
Bagaimana memulai karir di bidang Cyber Security?
Apa saja yang perlu dipersiapkan?
Apa rutinitas dan aktivitas yang dilakukan?
Ketahui lebih lanjut di presentasiku ini (Jakarta, 24/06/2020)
small talk about IOT security especially IOT pentesting for beginner. What exactly IOT and how we test it?
Live on Ethical Hacker Indonesia
April 14th 2020
Slide yang kupresentasikan di PyCon 2019 (Surabaya, 23/11/2019)
Red-Teaming is a simulation of real world hacking against organization. It has little to no limit of time, location, and method to attack. Only results matter. This talk gives insight about how “hacker” works and how python can be used for sophisticated series of attack.
Slide yang kupresentasikan di MII-Intel Seminar (Jakarta, 30/10/2019)
IoT is the Future. Or even, IoT is widely adopted now.
Are you sure you are prepared enough for it? Are confident that your IoT solution is secure?
The Offensive Python: Practical Python for Penetration TestingSatria Ady Pradana
Presentation for Roadshow of Cyber Security Marathon 2018
Code Margonda
Depok, 2018-01-11
So you got python? How far can you push your python?
Why would hackers love python?
It's not hard to know that python is amazing language. But how amazing it could be for cyber security? Let's see by getting our hands dirty, from simple tasks to more challenging action
From Reversing to Exploitation: Android Application Security in EssenceSatria Ady Pradana
Seminar on Explicit's Art of Hacking
Telkom University Bandung
Bandung, 2017-11-04
Android security mostly seen as only "exploiting the device with RAT" and some of it. Here, I want to show that there are more than that.
Presentation on Technostar 2017
STMIK Jakarta STI&K
Jakarta, 2017-10-10
General overview of android security from hacker's perspective. Android security mostly seen as only "exploiting the device with RAT" and some of it. Here, I want to show that there are more than that.
Small discussion on Echo's Hack In The Zoo (HITZ) 2017
Ragunan Zoo Jakarta
Jakarta, 2017-09-09
Frida? It's a Dynamic Binary Instrumentation. DBI.
Let's see what frida can do for us, reverse engineer.
2017-07-16
A training for learning the internal of malware.
This version is the compressed version of Malware Engineering & Crafting.
We talk about malware as well as crafting the simple working malware. The goal of this session is to understand malware internal so one can have tactics to combat it.
Memory Forensic: Investigating Memory Artefact (Workshop)Satria Ady Pradana
Workshop of memory forensic
Atmajaya University
Yogyakarta, 2017-04-29
What is memory forensic? How could it be important? How can we use memory forensic in certain case? Should we do memory forensic?
This is the workshop side with hands-on material.
Presentation of memory forensic
Atmajaya University
Yogyakarta, 2017-04-29
What is memory forensic? How could it be important? How can we use memory forensic in certain case? Should we do memory forensic?
Presentation on STMIK Nusa Mandiri.
Jakarta, 2017-04-25
This talk is an insight about hacking and cyber security in general. Giving the audience the sense of security and fundamental concept of this field.
Presentasi di ID Cert Malware Summit 2017
Bandung, 2017-04-13
Presentasi ini terdiri dari beberapa slide yang membahas subtopik presentasi. Narasi dan penjelasan ada pada notes di setiap slide.
Workshop on Mobile Forensic and Computer Security 2017
Universitas Ahmad Dahlan
Yogyakarta, 2017-02-17
dracOs is a linux distro for cyber security activity. But most of us know cyber security as offensive activity. How about digital forensic?
Here we are discussing about dracOs and masterplan for digital forensic in future release.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
2. Hi!
I am Satria Ady Pradana
Community Leader
of
Reversing.ID
xathrya
@xathrya
Reversing.ID
Revealing the Truth through Breaking Things
https://xathrya.id
3. Disclaimer
This presentation is intended for educational purposes only.
Reverse engineering of copyrighted material is illegal an might
cause you a direct or indirect consequence. We have no
responsibility of anything you do after learning this.
5. Explaining Reversing
Originally used in the context of mechanical engineering
Breaks down an existing object or system to its construction
and then rebuild it based on new demand.
Extracting knowledge or design information from anything man-
made and reproducing it or reproduce anything based on the
extracted information.
12. Control Flow Bypass
Alter program flow
Force program to takes (or leaves) intended action.
Jump over the protection mechanism
13. Code Caving
Writing code to specific region of application (or process’
memory)
Fast and easy
No need for source
In conjunction of Function Trampoline.
15. The Language
Depend on the target of reversing.
Each programming languages might have unique trait or
characteristic.
Channel in Go
Two classes of programming language: native, interpreted.
16. Assembly
Primitive of Processors operations
Complex operation is decomposed to various instructions
Constrained by processors’ architecture
17. The Executable Format
Application has a format.
Identify by magic number.
Structured and has some sections for data, code, resource, etc.
Function might be provided by foreign module (ex: DLL), list of
imported function is maintained.
18.
19.
20. Design Pattern
Software is divided into conceptual module and working
together.
Repeatable solution to a commonly occurring problem in a
software design.
24. Hex Editor
Display the content of file as collection of hex formatted-data and modify
part of them.
Find pattern and occurrence.
25.
26. Disassembler
Transform stream of hex bytes to its assembly representation.
Resolve data and resource, referred by the code.
27.
28. Debugger
Test or debug other (target) program
Examine program condition at runtime.
Modify code or data section.
Modify CPU state
Alter control flow