nani1337 / fce Goto Github PK

=== fce

Just a collection of code that I wrote/borrowed and put here for safekeeping purposes.

Information sources:

=== Computer theory

[1] http://duartes.org/gustavo/blog/best-of
[2] http://wiki.osdev.org/Main_Page
[3] http://resources.infosecinstitute.com/protected-mode-and-the-idt/
[4] http://www.codeproject.com/Articles/19648/Get-interrupt-vector-information-in-Windows 
[5] "Code: The Hidden Language of Computer Hardware and Software" by Charles Petzold
[6] "Operating Systems Design and Implementation" by Andrew S. Tanenbaum and Albert S. Woodhull
[7] "The Indispensable PC Hardware Book" by Hans-Peter Messmer 
[8] "Computer Networks" by Andrew S. Tanenbaum and David J. Wetherall
[9] "Assemblers and Loaders" by David Salomon http://www.davidsalomon.name/assem.advertis/asl.pdf
[10] "x86_64 assembly" http://www.x86-64.org/documentation/assembly.html
[11] http://sandpile.org/
[12] "Roll your own UNIX distro" http://www.jamesmolloy.co.uk/tutorial_html/index.html
[13] "Writing a simple Operating System from scratch" http://www.cs.bham.ac.uk/~exr/lectures/opsys/10_11/lectures/os-dev.pdf

=== Cryptography

[1] "Computer Security and Cryptography" by Alan G. Konheim
[2] "Handbook of Applied Cryptography" by A. J. Menezes, P. C. van Oorschot, S. A. Vanstone
[3] "Applied Cryptography" by Bruce Schneier
[4] https://www.crypto101.io/ by Laurens Van Houtven
[5] http://www.madboa.com/geek/openssl/
[6] "Salted Password Hashing Doing it Right" http://www.codeproject.com/Articles/704865/Salted-Password-Hashing-Doing-it-Right
[7] "Applied Mathematics for Reversers I" by Haldir[RET] http://www.reteam.org/papers/e20.pdf 
[8] "Applied Mathematics for Reversers II" by Haldir[RET] http://www.reteam.org/papers/e31.pdf
[9] "Applied Mathematics for Reversers III" by Haldir[RET] http://www.reteam.org/papers/e36.pdf 

=== General RE/hacking/programming

[1] "The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System" by Bill Bunden
[2] "Security Engineering" by Ross Anderson http://www.cl.cam.ac.uk/~rja14/book.html
[3] "The Art of Computer Virus Research and Defense" by Peter Szor
[4] "Malware Forensics: Investigating and Analyzing Malicious Code" by Cameron H. Malin, Eoghan Casey, James M. Aquilina
[5] "Reversing: Secrets of Reverse Engineering" by Eldad Eilam
[6] "Hacking: The Art of Exploitation" by Jon Erickson 
[7] "Gray Hat Python: Python Programming for Hackers and Reverse Engineers" by Justin Seitz
[8] http://opensecuritytraining.info/Training.html
[9] "IDA Pro Book by Chris Eagle" http://www.nostarch.com/idapro2.htm
[10] http://www.blackhat.com/presentations/bh-usa-04/bh-us-04-eagle.pdf
[11] http://www.hackerschool.org/HS_Boards/data/Lib_windows/%5BBlackHat%5Deagle_ida_pro_06.pdf
[12] "Reverse Engineering for Beginners" by Dennis Yurichev http://yurichev.com/writings/RE_for_beginners-en.pdf
[13] http://en.wikipedia.org/wiki/List_of_file_signatures  
[14] "Breaking AV software" by Joxean Koret http://mincore.c9x.org/breaking_av_software.pdf 
[15] "Attacks on Virtual Machine Emulators" by Peter Ferrie http://www.symantec.com/avcenter/reference/Virtual_Machine_Threats.pdf 
[16] "RECON14 presentations" http://recon.cx/2014/slides/
[17] "A python tool to identify different Hash Function Algorithms" https://github.com/AnimeshShaw/Hash-Algorithm-Identifier
[18] "NoSuchCon14 slides" http://www.nosuchcon.org/talks/2014/
[19] "A Quick Tutorial on Implementing and Debugging Malloc, Free, Calloc, and Realloc" http://danluu.com/malloc-tutorial/

=== Windows

[1] http://securityxploded.com/security-training-reversing-malware-analysis.php 
[2] http://securityxploded.com/security-training-advanced-malware-analysis.php
[3] "The Art of Unpacking part 1" https://www.blackhat.com/presentations/bh-usa-07/Yason/Presentation/bh-usa-07-yason.pdf
[4] "The Art of Unpacking part 2" https://www.blackhat.com/presentations/bh-usa-07/Yason/Whitepaper/bh-usa-07-yason-WP.pdf
[5] "A study of the packer problem and its solutions" by Fanglu Guo, Peter Ferrie, Tzi-cker Chiueh http://www.ecsl.cs.sunysb.edu/tr/TR237.pdf
[6] "Anti-Unpacker Tricks by Peter Ferrie" http://pferrie.tripod.com/papers/unpackers.pdf
[7] "How to Write Your Own Packer" by BigBoote http://www.stonedcoder.org/~kd/lib/61-267-1-PB.pdf  
[8] "A model for Self-Modifying Code" by Bertrand Anckaert, Matias Madou, Koen De Bosschere http://tuts4you.com/download.php?view.3529
[9] ARTeam eZine http://www.accessroot.com/arteam/site/download.php?list.8  
[10] "Demystifying .NET RE part 1" http://resources.infosecinstitute.com/demystifying-dot-net-reverse-engineering-part-1-big-introduction/
[11] "Demystifying .NET RE part 2" http://resources.infosecinstitute.com/dot-net-reverse-engineering-part-2/
[12] "Demistifying .NET RE part 3" http://resources.infosecinstitute.com/dot-net-reverse-engineering-part-3/
[13] http://resources.infosecinstitute.com/demystifying-dot-net-reverse-engineering-introducing-round-trip-engineering/
[14] http://resources.infosecinstitute.com/demystifying-dot-net-reverse-engineering-advanced-round-trip-engineering/
[15] http://briolidz.wordpress.com/2012/03/28/windows-driver-debugging-with-windbg-and-vmware/
[16] http://www.windbg.info/doc/1-common-cmds.html#17_variables
[17] http://msdn.microsoft.com/en-us/library/windows/hardware/ff550659(v=vs.85).aspx
[18] http://www.woodmann.com/forum/archive/index.php/t-6713.html
[19] http://blogs.technet.com/b/markrussinovich/archive/2010/10/14/3360991.aspx
[20] http://disruptivesql.wordpress.com/
[21] http://waleedassar.blogspot.sk/2012/03/visual-basic-malware-part-1.html
[22] "Visual Basic Reversed - A decompiling approach" by Andrea Geddon http://www.reteam.org/papers/e46.pdf  
[23] http://www.codeproject.com/Articles/19648/Get-interrupt-vector-information-in-Windows
[24] http://resources.infosecinstitute.com/protected-mode-and-the-idt/
[25] "Detecting Virtual Machines" by Waliedassar http://reverseengineering.stackexchange.com/a/1828  
[26] "Coding malware for fun and not for profit" http://www.malwaretech.com/2014/04/coding-malware-for-fun-and-not-for.html
[27] "Ring3/Ring0 Rookit Hook detection I" http://www.malwaretech.com/2013/09/ring3-ring0-rootkit-hook-detection-12.html
[28] "Ring3/Ring0 Rootkit Hook Detection II" http://www.malwaretech.com/2013/10/ring3-ring0-rootkit-hook-detection-22.html
[29] "Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation" by Bruce Dang, Alexandre Gazet, Elias Bachaalany and Sebastien Josse 

=== Linux

[1] http://info.fs.tum.de/images/2/21/2011-01-19-kernel-hacking.pdf
[2] http://jvns.ca/blog/2013/10/07/day-5-i-wrote-a-kernel-module/
[3] https://github.com/citypw/citypw-SCFE/tree/master/security
[4] "Hooking the Linux System Call Table in 2012" http://rpinfosec.blogspot.sk/2012/06/hooking-linux-system-call-table-in-2012.html
[5] http://stackoverflow.com/questions/2103315/linux-kernel-system-call-hooking-example
[6] http://kernelnewbies.org/Networking?action=AttachFile&do=get&target=hacking_the_wholism_of_linux_net.txt
[7] "Kernel instrumentation using kprobes" http://phrack.org/issues.html?issue=67&id=6#article
[8] "Handling Interrupt Descriptor Table for fun and profit" http://www.phrack.org/issues.html?issue=59&id=4
[9] http://kernelnewbies.org/New_Kernel_Hacking_HOWTO
[10] "Intercepting System Calls and Dispatchers – Linux" https://ruinedsec.wordpress.com/2013/04/04/modifying-system-calls-dispatching-linux/
[11] http://www.blackhat.com/presentations/bh-europe-09/Lineberry/BlackHat-Europe-2009-Lineberry-code-injection-via-dev-mem-slides.pdf
[12] http://www.la-samhna.de/library/rootkits/index.html
[13] http://www.blackhat.com/presentations/bh-europe-09/Lineberry/BlackHat-Europe-2009-Lineberry-code-injection-via-dev-mem.pdf
[14] http://mammon.github.io/
[15] http://lwn.net/Kernel/LDD3/
[16] http://www.linuxvoice.com/be-a-kernel-hacker/?pk_campaign=hn&pk_kwd=3
[17] "Linux Rootkits 101" http://turbochaos.blogspot.sk/2013/09/linux-rootkits-101-1-of-3.html
[18] "Linux Rootkits 201" http://turbochaos.blogspot.sk/2013/10/writing-linux-rootkits-201-23.html
[19] "Linux Rootkits 301" http://turbochaos.blogspot.sk/2013/10/writing-linux-rootkits-301_31.html 
[20] "Malware Forensics Field Guide for Linux Systems" by Cameron H. Malin, Eoghan Casey, James M. Aquilina
[21] http://ouah.org/RevEng/
[22] "Linux Device Drivers" https://lwn.net/Kernel/LDD3/ 
[23] "Linux x86 run-time process manipulation" http://hick.org/code/skape/papers/needle.txt
[24] "How to detect virtualization on Linux" http://www.dmo.ca/blog/detecting-virtualization-on-linux/  
[25] "ptrace() tutorial" http://mikecvet.wordpress.com/2010/08/14/ptrace-tutorial/
[26] "ptrace() on 64-bit system" http://theantway.com/2013/01/notes-for-playing-with-ptrace-on-64-bits-ubuntu-12-10/
[27] "LINUX ANTI-DEBUGGING TECHNIQUES (FOOLING THE DEBUGGER)" http://www.ouah.org/linux-anti-debugging.txt  
[28] http://www.ouah.org/core-reconstruction.txt 
[29] http://www.ouah.org/textes.html
[30] "Runtime binary encryption" http://phrack.org/issues/58/5.html
[31] "Next-Gen Runtime Binary Encryption" http://phrack.org/issues/63/13.html
[32] "Mechanisms to determine VMWare VM" http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1009458
[33] "Startup state of a Linux/i386 ELF binary" http://asm.sourceforge.net/articles/startup.html
[34] https://code.google.com/p/corkami/downloads/list
[35] "UNIX VIRUSES" http://ouah.org/unix-viruses.txt
[36] "UNIX ELF PARASITES AND VIRUS" http://ouah.org/elf-pv.txt
[37] "The ELF virus writing howto" http://virus.bartolich.at/virus-writing-HOWTO/_html/index.html
[38] "Linux viruses - ELF file format" by Marius Van Oers http://www.mcafee.com/us/resources/white-papers/wp-linux-viruses-elf-file-format.pdf
[39] "The WIT virus" http://vanilla47.com/PDFs/Viruses In Linux PDFs/The WIT Virus.pdf
[40] "Brundle Fly virus" http://vx.org.ua/src_view.php?file=brundle.zip
[41] "Linux.RST.B" http://www.symantec.com/security_response/writeup.jsp?docid=2004-052312-2729-99&tabid=2
[42] "How I made MetaPHOR and what I've learnt" http://vxheavens.com/lib/vmd01.html
[43] "Cheating the ELF Subversive Dynamic Linking to Libraries" http://www.ouah.org/subversiveld.pdf
[44] "Reverse of a coin: A short note on segment alignment" http://vxheavens.com/lib/vhe04.html
[45] "Shiva - Advances in ELF Binary Encryption" https://www.blackhat.com/presentations/bh-usa-03/bh-us-03-mehta/bh-us-03-mehta.pdf
[46] "Burneye protector" http://packetstormsecurity.com/files/30648/burneye-1.0.1-src.tar.bz2.html
[47] "ELF Encrypter" http://elf-encrypter.sourceforge.net/
[48] "Anatomy of the Linux kernel" http://www.ibm.com/developerworks/linux/library/l-linux-kernel/index.html
[49] "Anatomy of a system call, part 1" http://lwn.net/Articles/604287/
[50] "Anatomy of a system call, part 2" http://lwn.net/SubscriberLink/604515/7970195bd8eba7a9/
[51] "Anatomy of Linux process management" http://www.ibm.com/developerworks/linux/library/l-linux-process-management/index.html
[52] http://www.vxheavens.com/herm1t/
[53] http://old.honeynet.org/reverse/results/sol/sol-06/analysis.html
[54] "About ELF Auxiliary Vectors" http://articles.manugarg.com/aboutelfauxiliaryvectors.html
[55] "What is linux-gate.so.1?" http://www.trilithium.com/johan/2005/08/linux-gate/
[56] "The Cerberus ELF interface" http://phrack.org/issues/61/8.html#article
[57] "Reverse Engineering Linux ELF Binaries on the x86 Platform" http://www.linuxsa.org.au/meetings/reveng-0.2.pdf
[58] http://www.cs.columbia.edu/~junfeng/10sp-w4118/lectures/l07-proc-linux.pdf
[59] "PLT and GOT the key to chode sharing and dynamic libraries"https://www.technovelty.org//linux/plt-and-got-the-key-to-code-sharing-and-dynamic-libraries.html
[60] "PIC and x86-64 libraries" https://www.technovelty.org/c/position-independent-code-and-x86-64-libraries.html
[61] "PIC in shared libraries" http://eli.thegreenplace.net/2011/11/03/position-independent-code-pic-in-shared-libraries/
[62] "PIC in shared libraries on x64" http://eli.thegreenplace.net/2011/11/11/position-independent-code-pic-in-shared-libraries-on-x64/
[63] "Understanding x64 code models" http://eli.thegreenplace.net/2012/01/03/understanding-the-x64-code-models/
[64] "Linux kernel debugging using KGDB/GDB" http://sploitfun.blogspot.com/2013/06/linux-kernel-debugging-using-kgdbgdb.html
[65] "System V ABI x86-64 Linux" http://www.x86-64.org/documentation/abi.pdf
[66] "Linux x86 Program Start Up" http://dbp-consulting.com/tutorials/debugging/linuxProgramStartup.html
[67] "The dissection of a simple hello world ELF file" https://github.com/mewrev/dissection
[68] "How statically linked programs run on Linux" http://eli.thegreenplace.net/2012/08/13/how-statically-linked-programs-run-on-linux
[69] "100 GDB tips" https://github.com/hellogcc/100-gdb-tips/tree/master/src
[70] "Code as Art: Assembly x86_64 programming for Linux" http://0xax.blogspot.sk/p/assembly-x8664-programming-for-linux.html
[71] "Abusing .CTORS and .DTORS for fun 'n profit" http://vxheaven.org/lib/viz00.html
[72] "Static linking (x86) internals" http://sploitfun.blogspot.sk/2013/02/linking-with-static-library-internals.html
[73] "Dynamic linking (x86) internals" http://sploitfun.blogspot.sk/2013/06/dynamic-linking-internals.html
[74] "Static linking (x86_64) internals" http://sploitfun.blogspot.sk/2013/07/static-linking-x8664-internals.html
[75] "Dynamic linking and x86_64 internals" http://sploitfun.blogspot.sk/2013/07/dynamic-linking-x8664-internals.html
[76] "Load-time relocation of shared libraries" http://eli.thegreenplace.net/2011/08/25/load-time-relocation-of-shared-libraries
[77] "A Whirlwind Tutorial on Creating Really Teensy ELF Executables for Linux" http://www.muppetlabs.com/~breadbox/software/tiny/teensy.html
[78] "Kickers of ELF" http://www.muppetlabs.com/~breadbox/software/elfkickers.html

=== Mac OSX

[1] http://0xfeedface.org/~shawn/docs
[2] http://reverse.put.as/
[3] http://samhuri.net/blog/2010.01.18-basics-of-the-mach-o-file-format
[4] IDA FIX OBJC_MSGSEND SCRIPT https://github.com/zynamics/objc-helper-plugin-ida
[5] http://www.sysprobs.com/how-to-use-os-x-10-9-vmware-image-windows-8-windows 
[6] http://www.sysprobs.com/vmware-workstation-8-0-8-0-1-unlocker-to-run-mac-os-x-guest-in-windows-7 
[7] http://archive.org/details/RECON2008 (T06)
[8] "The Mac Hacker's Handbook" by Charlie Miller