Reading List in Jan 2021

Technology in Watchlist: I love no code and cross-platform app development.

pclmulqdq Tricks: Nice explanation and visualization of GF[2]/[x] operation.

Scipy Lecture notes: Useful topics: Optimizing code, plotting, and symbolic math in Python.

A first look at Ghidra’s Debugger - Game Boy Advance Edition: wow I found this blog, so awesome. Other posts in this blog are so well written. I may take a look at SMT32 someday soon.

A common weakness in Hash

Linux Hardening Guide: I may need this for CCDC competition.

Reversing Golang

Tool help Reverse Golang: Redness seem cool. Wonder if it can work with IDA.

Reversing TL-WR840N: A command injection vulerabilities in Dropbear.

TP-Link TL-WR841N Command Injection Exploit: Good writeup, like it.

Auditing system calls for command injection vulnerabilities using Ghidra’s PCode: Ghidra PCode programming is very helpful in analysis large binary, firmware for example.

SymCC: I personnaly like QSYM, but this is even faster and better. I should try to fuzz binary sometimes with SymCC.

PwnDocker: Recently I setup a docker for pwning CTF purpose, this Docker is very useful, it has everything I need.

Learning Linux Kernel Exploitation: Midas wrote a series for beginner to start with kernel exploitation. The content quality is top-notch.

RISC-V Vector Instructions vs ARM and x86 SIMD: To me, SIMD research will be somewhat useless in hardware due to the nice hardware support in RISC-V.

Side channel attack on ECDSA MUL operation: Again, lattice-based with partial knowledge of the nonces shine. The craziest thing is to recover unknown bits with machine learning, wtf?

Veripal: They provide VSCode extension and nice diagrams, I think I should write a blogpost about cryptohack challenge with Veripal.

Performance Engineering of Software System: Useful resources. I’ve read first 4 chapters: