Reading List in Jan 2021
A collection of interesting blogs, talks, and research I read in a month
My reading list in Jan 2021
A first look at Ghidra’s Debugger - Game Boy Advance Edition: Wow, I found this blog, so awesome. Other posts in this blog are so well written. I may take a look at STM32 someday soon.
Linux Hardening Guide: I may need this for the CCDC competition.
Tool help Reverse Golang: Redress seems cool. Wonder if it can work with IDA.
Reversing TL-WR840N: A command injection vulnerability in Dropbear.
TP-Link TL-WR841N Command Injection Exploit: Good writeup, like it.
Auditing system calls for command injection vulnerabilities using Ghidra’s PCode: Ghidra PCode programming is very helpful in analyzing large binaries, firmware for example.
SymCC: I personally like QSYM, but this is even faster and better. I should try to fuzz a binary sometime with SymCC.
PwnDocker: Recently I set up a Docker for CTF pwning purposes. This Docker is very useful; it has everything I need.
Learning Linux Kernel Exploitation: Midas wrote a series for beginners to start with kernel exploitation. The content quality is top-notch.
RISC-V Vector Instructions vs ARM and x86 SIMD: To me, SIMD research will be somewhat useless in hardware due to the nice hardware support in RISC-V.
Side channel attack on ECDSA MUL operation: Again, lattice-based attacks with partial knowledge of the nonces shine. The craziest thing is to recover unknown bits with machine learning, wtf?
Verifpal: They provide a VSCode extension and nice diagrams. I think I should write a blog post about a CryptoHack challenge with Verifpal.
Performance Engineering of Software Systems: Useful resources. I’ve read the first 4 chapters:
cilk_for as parallel loops. Rule of thumb: parallelize outer loops rather than inner loops.
Bentley Rules: These rules are useful, for example the ones I used to use:
Eliminating wasted iterations,
Creating a fast path,
Bit Hacks: I love this chapter very much.
Architectural Improvements: I already know assembly, so the AVX2 and architecture are useful. Most of the present techniques are supported by the compiler, so I don’t know whether learning out-of-order execution and register renaming is useful at all.