Margin Research (Page 3)

Margin Research Blog

Writings on Security, Research, and Technology

Cannoli: The Fast Qemu Tracer
May 26, 2022

Cannoli: The Fast Qemu Tracer

Cannoli Cannoli is a high-performance tracing engine for qemu-user. It can record a trace of both PCs executed as well as memory operations. It consists of a small patch to QEMU to expose locations to inject some code directly into the JIT, a shared library which is loaded into QEMU

Brandon Falk
By Brandon Falk
The Chinese Private Sector Cyber Landscape
Apr 25, 2022

The Chinese Private Sector Cyber Landscape

As China's "decade-long quest to become a superpower" comes to fruition, the PRC has increasingly moved to eliminate barriers between its civilian-commercial industries and the State.

Margin Research
By Margin Research
Watching the Watchers
Apr 5, 2022

Watching the Watchers

Much of our world relies on open source projects. The Linux kernel is arguably the crowning achievement of the open source movement, the foundation of Google’s Android and NASA’s satellite software. But five of the top ten bug reporters are automated systems.

Winnona Bernsen
By Winnona Bernsen
Ian Roos
By Ian Roos
MikroTik Authentication Revealed
Feb 10, 2022

MikroTik Authentication Revealed

A deep-dive into MikroTik's hand-rolled Elliptic Curve Secure Remote Protocol (EC-SRP) cryptography used in client-server authentication

Ian Dupont
By Ian Dupont
Joe Lothan
By Joe Lothan
Hardware Hacking for Software Hackers
Jan 27, 2022

Hardware Hacking for Software Hackers

Introduction Hello! This resource is meant for anyone with some *nix/software/exploit dev. experience, but with little to no hardware/electronics background! While the ins and outs of basic circuits won't be covered (as there are many great resources for that online), the information is meant to

John Gorbachev
By John Gorbachev
Remote Android Debugging
Jan 14, 2022

Remote Android Debugging

Covid just made GDB obsolete, long live Frida! Imagine a world where you don’t have to press 500 keys just to get to the same state as you were in the last run and where you actually can introspect the runtime. Frida offers a somewhat clean way to debug

Martin Wennberg
By Martin Wennberg
An opinionated guide on how to reverse engineer software, part 1
Nov 2, 2021

An opinionated guide on how to reverse engineer software, part 1

This is an opinionated guide. After 12 years of reverse engineering professionally, I have developed strong beliefs on how to get good at RE.

Ryan Stortz
By Ryan Stortz
Bypassing glibc Safe-Linking: CSAW 2021 Quals (word_games)
Sep 15, 2021

Bypassing glibc Safe-Linking: CSAW 2021 Quals (word_games)

This post analyzes glibc-2.32+'s safe-linking feature introduced in December 2020 in the context of a CTF challenge developed for New York University's CSAW 2021 Quals competition

Ian Dupont
By Ian Dupont
WINTERN 2020: ZOMBIE LINK CRAWLER
May 28, 2021

WINTERN 2020: ZOMBIE LINK CRAWLER

This winter, I had the opportunity to intern at Margin Research. Being a computer science student who had little to no experience in security, I was nervous even applying. Despite that, I really wanted to dip my toes into security to see what it was like. I wanted a stretch

Justin Mai
By Justin Mai
Previous
Page 3 of 4
Next
arrow-up icon