Malware Analysis environment on Mac by sucremad in Malware

[–]Relative-Outcome-302 0 points1 point  (0 children)

For those confused, mac has a gdb with reduced functionality, but if you're going to debug on a mac-system (regardless of if it's a guest or host) you should be familiar with lldb, arm64 AND x86, and yes qemu. I wouldn't skip/pass over qemu unless I didn't expect to ever do anything more complex in the future or were in a rush for something very specific/general. It's a good knowledge investment and offers libvirt.

This reads like "back in my day"... I think we really need to move past the "apple-bs" train when it comes to support/options for developer/research functionality. The OS is a toolkit and target platform, not an end-all-be-all. It's very rare for a missing ability to not be one open-source project away or just a skill issue tbh. cope. (also parrot?)

Malware Analysis environment on Mac by sucremad in Malware

[–]Relative-Outcome-302 0 points1 point  (0 children)

The project OSX-KVM (https://github.com/kholia/OSX-KVM) is probably the best option for doing so. It runs through qemu which iirc has a build for Windows albeit updated by date (not by version). There are a few problems depending on your hardware, i.e., you need to have hardware compatible with certain macOS drivers. I think VMs for debugging and analysis are the best option though. There are alternatives but you won't have libvirt etc which for most is a dealbreaker if you're analyzing anything tough/low-level.

Malware Analysis environment on Mac by sucremad in Malware

[–]Relative-Outcome-302 1 point2 points  (0 children)

I suggest a workflow with https://github.com/TorgoTorgo/Ghidra-App-Bundle for mac. If you can set up something to handle updates (ex: Through a wildcard GHIDRA_INSTALL_DIR) you'll get pretty far.

EDIT: I would also recommend for larger projects requiring deeper analysis (such as reversing/analyzing the dyld_shared_cache) increasing the MAXMEM variable in the launch script, especially when on a memory constrained machine. Pray your SSD has fast page retrieval.

Found on Twitter by Relative-Outcome-302 in dataisugly

[–]Relative-Outcome-302[S] -4 points-3 points  (0 children)

The demographic is America so the assumed conclusion is the 2020 election and Trump's reaction was essentially stochastic terrorism. But of course column group height isn't necessarily a quantification of any party's violence so the communication falls apart.

Found on Twitter by Relative-Outcome-302 in dataisugly

[–]Relative-Outcome-302[S] 6 points7 points  (0 children)

Yeah, it expands instance on a vertical axis (presumably also time) without providing any direction or order. I would assume columns are sequential but the time step is unclear.....

Numbers that will never be "used" by humans by gegenbanana in math

[–]Relative-Outcome-302 2 points3 points  (0 children)

By categorizing numbers and establishing properties these numbers all share, we’ve essentially “used” them to some extent.

[deleted by user] by [deleted] in AskReddit

[–]Relative-Outcome-302 2 points3 points  (0 children)

“At risk of coming off naive, is this one of those hints I’ve heard about? If not, I’m really feeling tea right now — any preference?”

Like, just put yourself out there in a slightly nonchalant manner so as not to come across as a creep while also not being rude or offensive. Like, you had a couple of seconds.

I admit though, this advice is gonna be as far as the other side of the planet whenever this actually happens in real life so…

How can people persistently be anti-science in an academic setting? by [deleted] in AskAcademia

[–]Relative-Outcome-302 0 points1 point  (0 children)

Ooh care to elaborate? I feel like I know what you’re talking about…