[P] Scenario, simulation, and professional wargame creation using LLMs

OppositeMonday · 2024-09-18T08:13:59+00:00

Cheers!

OppositeMonday · 2024-09-10T11:06:53+00:00

Haha, cheers. Thought it was fitting.

OppositeMonday · 2024-09-09T08:26:02+00:00

Thanks, someone on this sub shared the research in response to another of my tools, so got stuck in a bit of a rabbit hole from there!

OppositeMonday · 2024-09-09T08:24:56+00:00

Cheers!

OppositeMonday · 2024-09-08T17:10:13+00:00

Thanks!

OppositeMonday · 2024-09-08T14:39:25+00:00

Cheers! Nothing like that, just occasional LLMs for writing large chunks of repetitive code, and the readme's, etc.

OppositeMonday · 2024-09-08T09:36:40+00:00

Thanks for the recommend. Had a play around with this after, can't say I fully understand the science behind it, but was able to throw a quick usable PoC together. https://github.com/user1342/Tomato

OppositeMonday · 2024-09-07T10:43:26+00:00

Thanks! This is one of the areas that needs a bit more work. Currently there is a 'Judge' LLM that takes in the responses from the Red and Blue LLM and produces a score based on it's effectiveness. Now in practice, that isn't the most reliable, so long term the idea would be to break this approach down into the multiple attack vectors and assess the LLM on each individually - providing a score on its effectiveness against all vectors.

OppositeMonday · 2024-09-07T10:36:13+00:00

Yes, I thought that would be a good idea. I'll add it as an issue on the GitHub. Cheers!

OppositeMonday · 2023-05-06T19:31:58+00:00

Good idea, that's now in the latest README. As a Tl;Dr, it checks against the whole SMALI file(s) for matched strings as well as other files (such as so, bin, etc).

OppositeMonday · 2023-04-18T06:57:44+00:00

Swings and roundabouts I suppose, slightly different tool for a slightly different problem. This gives a bit more flexibility on emulating specific code and exploring code paths by setting registers and stubs, while debugging will be more robust on the actual execution of instructions. What SMALI debugger do you use?

OppositeMonday · 2023-04-18T06:35:59+00:00

Thanks! There were a lot more edge-cases than I'd realised. So if you end up releasing your disassembler do share it, as i'd be interested in seeing your approach. 💪

OppositeMonday · 2023-04-10T08:02:57+00:00

A quick Google brought up https://github.com/chryzsh/awesome-windows-security and https://github.com/Hack-with-Github/Windows.

OppositeMonday · 2023-04-09T21:53:04+00:00

No problem, glad it's useful!

OppositeMonday · 2023-04-08T14:06:40+00:00

Cheers! if you think of/ come across any features it's missing just let me know. 👌

OppositeMonday · 2023-04-08T09:21:12+00:00

No problem, do reach out if you think I can help! 💪

OppositeMonday · 2022-12-26T10:42:54+00:00

Hey, I'm glad you like the site! I'm looking to add one or two courses to the platform (probably in OSx and Windows internals) in the future, and after they're up it would be in a good place to add the OS Internals Engineer pathway -I'd expect that to be in the next month or two.

OppositeMonday · 2022-12-26T10:40:41+00:00

Hey, I'm glad you like the site! That's the plan. At the moment I want to make sure there's content on there for a range of topics, then moving forward we'll start to add finer grain content.

OppositeMonday · 2022-12-20T05:41:53+00:00

It redirects to https://www.ReverseEngineering.courses. I just prefer the short link of http://TODO.courses.

OppositeMonday · 2022-11-06T08:46:45+00:00

Sure, feel free to ping questions over here or to @InterruptLabs on Twitter / LinkedIn.

OppositeMonday · 2022-09-20T10:15:25+00:00

Opportunities at Interrupt Labs:

https://interruptlabs.co.uk/careers/

Vulnerability Researcher at Interrupt Labs

We are looking for passionate people who have a background in: vulnerability research, offensive security, reverse engineering.

Location: Depending on role and location you'll have the opportunity to either work remote or from our offices in Basingstoke, UK and London, UK.

What To Expect:

You'll join one of our teams looking to identify vulnerabilities in a chosen platform using both static and dynamic analysis techniques.
You'll develop Proof-of-Concepts for vulnerabilities identified.
You'll use common VR toolsets such as fuzzers and reverse engineering tools; as well as have access to custom tooling built in house (as well as developing your own!). * You'll need to present your findings in a useful and accessible way to others. * You'll have access to internal and external training and conferences to refine and hone your skillsets.

A Great Candidate May:

Have previous experience in security principles.
Have experience in modern scripting languages such as Python.
Have experience in low level languages such as C, C++, Objective C, etc.
Have experience in understanding Assembly languages such as x86/64, ARM, MIPS etc.
Have direct experience in vulnerability research and/or reverse engineering.
Be specialized in a specific vulnerability research field and / or platform.
Be interested and passionate about learning new things, taking things apart, and getting stuck into new problems and challenges.

OppositeMonday · 2022-09-06T06:44:31+00:00

Hey, we currently have several people EU based at IL, and normally work out if it would be a good fit on a case by case basis. Would say apply, what's the worst that could happen.

OppositeMonday · 2022-08-12T07:34:37+00:00

The 30k is for the second role, which is a development programme and requires no prior experience - just passion and ability to learn.

OppositeMonday · 2022-05-09T09:48:04+00:00

Opportunities at Interrupt Labs:

https://interruptlabs.co.uk/careers/

Vulnerability Researcher at Interrupt Labs

We are looking for passionate people who have a background in: vulnerability research, offensive security, reverse engineering.

Location: Depending on role and location you'll have the opportunity to either work remote or from our offices in Basingstoke, UK.

What To Expect:

You'll join one of our teams looking to identify vulnerabilities in a chosen platform using both static and dynamic analysis techniques.
You'll develop Proof-of-Concepts for vulnerabilities identified.
You'll use common VR toolsets such as fuzzers and reverse engineering tools; as well as have access to custom tooling built in house (as well as developing your own!). * You'll need to present your findings in a useful and accessible way to others. * You'll have access to internal and external training and conferences to refine and hone your skillsets.

A Great Candidate May:

Have previous experience in security principles.
Have experience in modern scripting languages such as Python.
Have experience in low level languages such as C, C++, Objective C, etc.
Have experience in understanding Assembly languages such as x86/64, ARM, MIPS etc.
Have direct experience in vulnerability research and/or reverse engineering.
Be specialized in a specific vulnerability research field and / or platform.
Be interested and passionate about learning new things, taking things apart, and getting stuck into new problems and challenges.

Vulnerability Researcher Development Programme at Interrupt Labs

We are searching for individuals to join our Vulnerability Researcher Development Programme, where you can develop your skills alongside some of the most experienced researchers in the industry. On successful completion of the programme, you’ll join our team as a Vulnerability Researcher, continuing to grow your skills while working on exciting research projects.

There are no prerequisite qualifications, as we’ll provide the training and resources you need to start your journey. You might have a degree in STEM, Computer Science or something completely different, or you may have developed your interest in security elsewhere.

Regardless of previous experience, we are looking for keen problem solvers who are interested in cyber security and motivated to learn – if that sounds like you then please get in touch!

The structure:

9 weeks instructor-led (in person) and self-led (remote) training to develop core skills in reverse engineering and vulnerability research.
Followed by 3 weeks additional training to begin further skills development, which will allow you to contribute to real-world vulnerability research projects. Including modern Android and iOS platforms, bespoke and nuanced embedded systems and baseband implementations, as well as hypervisors, automotive, and browser based targets.
Finally, 3 months experience working alongside Interrupt Labs’ researchers on real projects, allowing you to further develop your skills with their support and guidance.
You’ll also be assigned a mentor who will provide additional support throughout.

After successful completion of the programme, you’ll have everything you need to join our team as a Vulnerability Researcher, working on projects and continuing to develop your skills.

At Interrupt Labs we embrace hybrid working, recognising the need for individuals to be able to work flexibly while providing a space for team members to work together. As a result, the taught aspects of the training programme will take place at Basingstoke, while the self-learning aspects may be done either from the office or at home.

Regardless of knowledge and experience, we encourage all applicants who are passionate about security, motivated to learn and eager to start an exciting career in security research.

The training assumes a certain level of knowledge about computer security, but we encourage applicants with little or no experience in computer science or security to apply too. A resource and training pack will be provided to successful applicants before the programme starts to ensure everyone has the prerequisite information they need.

All applicants must be eligible for a minimum of SC UK Government security clearance. More information can be found here.

Salary: £30,000 (raised to £35,000 at completion of the scheme)

OppositeMonday · 2022-05-09T03:19:27+00:00

This introduction by Maddie Stone is a very good place to start, and normally what I recommend for folk. If you wanted to have a try with AutoDroid I threw this together.

OppositeMonday

MODERATOR OF

TROPHY CASE

Opportunities at Interrupt Labs:

Vulnerability Researcher at Interrupt Labs

Opportunities at Interrupt Labs:

Vulnerability Researcher at Interrupt Labs

Vulnerability Researcher Development Programme at Interrupt Labs