
Collection of works, presentations, blog posts, etc. for Qiling-related projects

Open xwings opened this issue 5 years ago • 0 comments

Official Youtube

  • Official Youtube Channel: https://www.youtube.com/@qilingframework

Showcase

  • Emotet's embedded C2
  • https://gist.github.com/LloydLabs/d4e0ffba3ba6ccce17fafc08d9118385
  • dragonfly
  • https://dragonfly.certego.net/
  • pwnservice
  • https://github.com/The-Soloist/pwnservice
  • Karton Unpacker
  • https://github.com/CERT-Polska/karton
  • Qualcomm Sahara / Firehose Attack Client / Diag Tools
  • https://github.com/bkerler/edl
  • FileInsight-plugins
  • https://github.com/nmantani/FileInsight-plugins
  • efi_fuzz
  • https://github.com/Sentinel-One/efi_fuzz
  • vacation3
  • https://github.com/ioncodes/vacation3-emu

Tutorial

  • Qiling Lab 01
  • https://www.shielder.it/blog/2021/07/qilinglab-release/
  • https://joansivion.github.io/qilinglabs/
  • https://gist.github.com/dark-lbp/e957b43fee6df67cece4a58ccef633ab
  • https://gist.github.com/h4x5p4c3/da447b85a59a5defa4b5747d949f0a03
  • Arm64 binary emulation using Qiling Framework
  • https://www.youtube.com/watch?v=VSdV2JW_7oA

Papers

  • On the Effectiveness of Binary Emulation in Malware Classification
  • https://arxiv.org/pdf/2204.04084.pdf
  • LoRaWAN’s Protocol Stacks: The Forgotten Targets at Risk
  • https://documents.trendmicro.com/images/TEx/pdf/Technical-Brief---LoRaWANs-Protocol-Stacks-The-Forgotten-Targets-at-Risk.pdf
  • FIRMGUIDE: Boosting the Capability of Rehosting Embedded Linux Kernels through Model-Guided Kernel Execution
  • http://yajin.org/papers/ase21_firmguide.pdf
  • EDGE OF THE ART IN VULNERABILITY RESEARCH VERSION 4 OF 4
  • https://apps.dtic.mil/sti/pdfs/AD1126216.pdf
  • Dragonfly: next generation sandbox
  • https://amslaurea.unibo.it/20894/1/Dragonfly%20next%20generation%20sandbox.pdf

Writeup

  • [Fuzzing] Temporary workaround for the CPU ISA level error the Qiling framework hits under an Ubuntu 22.04 rootfs
  • https://cloud.tencent.com/developer/article/2144036
  • Unionware Writeup Part A [UnionCTF 2021]
  • https://cxiao.net/posts/2021-10-10-unionware-writeup-part-a/
  • Dynamic analysis of firmware components in IoT devices
  • https://ics-cert.kaspersky.com/publications/reports/2022/07/06/dynamic-analysis-of-firmware-components-in-iot-devices/?utm_source=securelist&utm_medium=link&utm_campaign=dynamic-analysis-of-firmware-components-in-iot-devices
  • [Original] A new method for emulating and debugging the Android Runtime environment
  • https://bbs.pediy.com/thread-272605.htm
  • A Sneak Peek into Smart Contracts Reversing and Emulation
  • https://www.shielder.com/blog/2022/04/a-sneak-peek-into-smart-contracts-reversing-and-emulation/
  • QILING: a framework for emulating binaries that is very useful for malware analysis
  • https://www.welivesecurity.com/la-es/2022/04/01/qiling-framework-emular-binarios-para-analisis-malware/
  • Reversing embedded device bootloader (U-Boot)
  • https://www.shielder.com/blog/2022/03/reversing-embedded-device-bootloader-u-boot-p.1/
  • https://www.shielder.com/blog/2022/03/reversing-embedded-device-bootloader-u-boot-p.2/
  • PancakeCon CTF "Crack" Challenge
  • https://devilinside.me/blogs/pancakecon-ctf-crack-challenge
  • TP-Link XDR-5430-V2 research write-up - Chapter 1
  • https://mp.weixin.qq.com/s?__biz=MzIzODAwMTYxNQ==&mid=2652141409&idx=1&sn=9d11237b4ea6457431de5bcf72e6a786&chksm=f320dbc1c45752d718b086a1061ba806efd741f54384d9bf4f063fb0f6dc1d52c77d39b64def&mpshare=1&scene=1&srcid=1228QkzhEvROEcflXGTLtmQh&sharer_sharetime=1640686032792&sharer_shareid=543a59f5c558dcd522e161779f8928f8#rd
  • Leveraging Qiling for KPOT strings decryption
  • https://raw-data.gitlab.io/post/kpotv1_emul/
  • Decrypt configuration files like exactly how Huawei ONT does
  • https://devilinside.me/blogs/decrypt-configuration-files-exactly-how-huawei-ont-does
  • Hunting IcedID and unpacking automation with Qiling
  • https://blogs.vmware.com/security/2021/07/hunting-icedid-and-unpacking-automation-with-qiling.html
  • [Mal Series # 17] Binary Emulation with Qiling Framework
  • https://ghoulsec.medium.com/mal-series-17-binary-emulation-with-qiling-framework-322fb4602cfe
  • Automatic unpacking with Qiling framework
  • https://kernemporium.github.io/posts/unpacking/
  • WINTERN 2020: IOT FIRMWARE ANALYSIS
  • https://margin.re/blog/wintern-2020-iot-firmware-analysis.aspx
  • Unpacking In-Memory Malware with Qiling
  • https://codemuch.tech/2021/04/28/unpacking-in-memory-malware/
  • Qiling: A true instrumentable binary emulation framework
  • https://isc.sans.edu/diary/Qiling%3A+A+true+instrumentable+binary+emulation+framework/27372
  • Playing with PE Files, Packers and Qiling Framework
  • https://nahueldsanchez.com.ar/Playing-with-PE-Files-Packers-and-Qiling-Framework/
  • Unpacking RAGNARLOCKER via emulation
  • https://blog.reversing.xyz/docs/posts/unpacking_ragnarlocker_via_emulation/
  • Reproducing n-day vulnerabilities and writing N-day based fuzzer with Qiling
  • https://devilinside.me/blogs/reproducing-ndays-qiling
  • Emulated a Netgear router binary using qiling to reverse a backdoor
  • https://github.com/bkerler/netgear_telnet/blob/main/research/qiling_emulate.py
  • Using Qiling Framework to Unpack TA505 packed samples
  • https://www.blueliv.com/cyber-security-and-cyber-threat-intelligence-blog-blueliv/using-qiling-framework-to-unpack-ta505-packed-samples/#ta505-packer
  • [PT007] Simulating and hunting firmware vulnerabilities with Qiling
  • https://blog.vincss.net/2020/12/pt007-simulating-and-hunting-firmware-vulnerabilities-with-Qiling.html
  • Decrypt Aisuru Bot Encoded Strings with Qiling Framework
  • http://binaryhax0r.blogspot.com/2020/07/decrypt-aisuru-bot-encoded-strings-with.html
  • Brute-Force Flareon2015 Challenge#2 with Qiling
  • http://binaryhax0r.blogspot.com/2020/09/brute-force-flareon2015-challenge2-with.html
  • Moving From Manual Reverse Engineering of UEFI Modules To Dynamic Emulation of UEFI Firmware
  • https://labs.sentinelone.com/moving-from-manual-re-of-uefi-modules-to-dynamic-emulation-of-uefi-firmware/
  • Qiling & Binary Emulation for automatic unpacking
  • https://kernemporium.github.io/articles/en/auto_unpacking/m.html
  • [Original] Decrypting Mirai malware data with the Qiling IDA plugin
  • https://bbs.pediy.com/thread-262073.htm
  • Part II: Analyzing a buffer overflow in the DLINK DIR-645 with Qiling framework, Part II
  • https://github.com/nahueldsanchez/blogpost_qiling_dlink_2
  • Part I: Analyzing a buffer overflow in the DLINK DIR-645 with Qiling framework and Ghidra.
  • https://nahueldsanchez.wordpress.com/2020/08/10/analizing-a-buffer-overflow-in-the-dlink-dir-645-with-qiling-framework-and-ghidra/
  • Translation: https://xz.aliyun.com/t/8156
  • Automated dynamic import resolving using binary emulation
  • https://lopqto.me/posts/automated-dynamic-import-resolving
  • Using Qiling to resolve obfuscated import on windows
  • https://gist.github.com/y0ug/b83fcf121f80d419c8d5eb342ca31a59
  • Dive deeper – Analyze real mode binaries like a Pro with Qiling Framework
  • https://hackmd.io/@ziqiaokong/BkbGuCJND
  • Chinese: https://blog.ihomura.cn/2020/09/06/%E7%94%A8%E9%BA%92%E9%BA%9F%E6%A1%86%E6%9E%B6%E6%B7%B1%E5%85%A5%E5%88%86%E6%9E%90%E5%AE%9E%E6%A8%A1%E5%BC%8F%E4%BA%8C%E8%BF%9B%E5%88%B6%E6%96%87%E4%BB%B6
  • How to reproduce CVE-2020-8962 with Qiling Framework
  • https://ucgjhe.github.io/post/cve_2020_8962/
  • Qiling For Malware Analysis: Part 1 and Part 2
  • https://n1ght-w0lf.github.io/tutorials/qiling-for-malware-analysis-part-1/
  • https://n1ght-w0lf.github.io/tutorials/qiling-for-malware-analysis-part-2/
  • PE Emulation With Code Coverage Using Qiling and Dragon Dance
  • https://pwnage.io/pe-code-coverage-emulation-qiling/
  • Translation: https://bbs.pediy.com/thread-261841.htm
  • Automated malware unpacking with binary emulation
  • https://lopqto.me/posts/automated-malware-unpacking
  • ByteBandits CTF 2020 - Autobot
  • https://chinmaydd.in/2020/04/13/Autobot/
  • Qiling Scripting and Simple RE Task
  • https://trib0r3.github.io/posts/qiling-scripting-and-simple-re-task/
  • Certego research at the HITB Security Conference:
  • https://www.certego.net/en/news/certego-research-at-the-hitb-security-conference/
  • EFI_DXE_Emulator: Qiling support in the works!
  • https://firmwaresecurity.com/2020/05/06/efi_dxe_emulator-qiling-support-in-the-works/
  • Several environment setups for multi-architecture binary fuzzing
  • https://www.zybuluo.com/H4l0/note/1666939
  • Analysis of a malware sample exploiting the Microsoft Office Equation Editor vulnerability
  • https://blog.viettelcybersecurity.com/phan-tich-mau-ma-doc-khai-thac-lo-hong-microsoft-office-equation-editor/
  • Qiling Fuzzer
  • https://github.com/domenukk/qiling/blob/unicornafl/afl/README.md
  • CSAW CTF
  • https://github.com/re-fox/capture_the_flag/blob/master/rabbithole/rabbithole_qiling.py

Media

  • https://isc.sans.edu/podcastdetail.html?id=7482
  • https://www.kitploit.com/2020/02/qiling-advanced-binary-emulation.html
  • https://hakin9.org/qiling-advanced-binary-emulation-framework/
  • https://infoseccampus.com/sectools-e19-kaijern/

Conference

  • https://www.blackhat.com/eu-22/arsenal/schedule/#reversing-mcu-with-firmware-emulation-29553
  • https://blackhatmea.com/node/724
  • https://www.blackhat.com/us-21/arsenal/schedule/index.html#bringing-the-x-complete-re-experience-to-smart-contract-24119
  • https://conference.hitb.org/hitbsecconf2021ams/sessions/when-qiling-framework-meets-symbolic-execution/
  • Video: https://www.youtube.com/watch?v=8omtif6CnnY
  • https://www.blackhat.com/asia-21/arsenal/schedule/index.html#qiling-smart-analysis-for-smart-contract-22643
  • https://www.blackhat.com/eu-20/arsenal/schedule/index.html#qiling-framework-deep-dive-into-obfuscated-binary-analysis-21781
  • https://conference.hitb.org/hitb-lockdown002/virtual-labs/virtual-lab-qiling-framework-learn-how-to-build-a-fuzzer-based-on-a-1day-bug/
  • https://www.blackhat.com/us-20/arsenal/schedule/index.html#qiling-framework-from-dark-to-dawn-----enlightening-the-analysis-of-the-most-mysterious-iot-firmware--21062
  • https://www.blackhat.com/asia-20/arsenal/schedule/index.html#qiling-lightweight-advanced-binary-analyzer-19245
  • https://nullcon.net/website/goa-2020/speakers/kaijern-lau.php
  • https://conference.hitb.org/lockdown-livestream/
  • https://www.defcon.org/html/defcon-27/dc-27-demolabs.html#QiLing
  • https://hitcon.org/2019/CMT/agenda
  • https://zeronights.ru/report-en/qiling-io-advanced-binary-emulation-framework/

Podcast

  • Episode 1: https://www.youtube.com/watch?v=lCSVNr5p9LI
  • Episode 2: https://www.youtube.com/watch?v=074zX1LeR5I
  • Episode 3: https://www.youtube.com/watch?v=BOFG5GzdM4k
  • Episode 4: https://www.youtube.com/watch?v=14NQJkvR_gU

Youtube

  • Official Youtube Channel: https://www.youtube.com/@qilingframework
  • Talk In HITB Cyberweek, Nov 2020: https://www.youtube.com/watch?v=ykUXUZo8fAk
  • Talk In HITBLockdown 002, July 2020: https://www.youtube.com/watch?v=e3_T3KLh2NU
  • Talk In HITBLockdown 001, April 2020: https://www.youtube.com/watch?v=2fHCrWduGuw
  • Talk In Nullcon, March 2020: https://www.youtube.com/watch?v=K_eyXesGJbQ
  • Talk in zeronights, Nov 2019: https://www.youtube.com/watch?v=xf0i9kfHKDI

xwings • Mar 10 '20 23:03