Jamie Scaife - United Kingdom 🇬🇧

Introduction to Reverse Engineering with radare2 Cutter - Part 2: Analysing a Basic Program

Saturday 17th November 2018

I've put together a basic program that takes a number as an input, and outputs whether the number is odd or even.

Enter a Number (or q to quit): 2
2 is even.
Enter a Number (or q to quit): 1
1 is odd.
Enter a Number (or q to quit): 25
25 is odd.
Enter a Number (or q to quit): hello
Invalid Input
Enter a Number (or q to quit): q

If you wish to compile this yourself so that you can follow along with the analysis, I have included the C++ code... Continue reading...

Reverse Engineering Guide

Booting a Physical Windows 10 Disk Using VirtualBox on Linux

Friday 9th November 2018

I recently acquired a computer with an OEM/factory-imaged Windows 10 disk inside. Straight away I took the disk out and replaced it with a Linux SSD, however since I don't own any other Windows systems, this will come in useful for testing my website for browser compatibility in Internet Explorer and Edge. I have put the Windows 10 disk in a USB SATA drive enclosure, and configured VirtualBox to be able to boot the raw disk. Continue reading...

Virtualisation Guide

Introduction to Reverse Engineering with radare2 Cutter - Part 1: Key Terminology and Overview

Tuesday 23rd October 2018

Cutter is an open-source graphical user interface for the radare2 reverse engineering framework. This article contains an introduction to reverse engineering with Cutter, including key terminology and an overview of the Cutter interface and available tools. Cutter can be found on GitHub here: https://github.com/radareorg/cutter Continue reading...

Reverse Engineering Guide

Automatically Testing Your Content Security Policy Using Travis-CI and Headless Chrome Crawler

Saturday 28th July 2018

I have recently put together a Travis-CI build configuration that automatically tests your website for Content Security Policy violations. The configuration sets up a local copy of your site on a Travis-CI virtual machine with a CSP header set to send violation reports to a local reporting endpoint. The site is then crawled using Headless Chrome Crawler, which causes CSP violation reports to be generated where required. These are then displayed at the end of the build log. Continue reading...

Security Apache Chrome