Sophia d'Antoine quend

## gist:d35d223f7e88a2dc8855ab3cfe11c132
0x811fa873de51c323420802721ac36584c9cc8cd4

## compile_to_bitcode.sh
#!/bin/bash
#!/usr/bin/env bash
# Run this script in the main directory of openssl.
# Requires python3


set -e

# download necessary parsing script
wget https://gist.githubusercontent.com/quend/e44520133e2cd8a6da98ce1c2a02a7b1/raw/8c93794dc2dc6cdd84255eb2de8416b59cf53a9b/comp_db_generate.py

## comp_db_generate.py
#!/usr/bin/env python3

'''
    This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License

    Generate a shell script to replicate build steps from a compile database
    produced by the Bear tool, but create bitcode files instead of object files.

    usage:
        ./comp_db_generate.py -o build.sh -l [llvm root] compile_database.json \

## standalone_aesni_cbc_hmac_sha1_cipher.c
// clang -L/usr/local/opt/openssl/lib -I/usr/local/opt/openssl/include -lssl -lcrypto -O0 -g aesni_cbc_hmac_sha1_cipher.c && ./a.out

#include <stdio.h>
#include <string.h>

#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/aes.h>
#include <openssl/sha.h>
#include <openssl/rand.h>

## MAST Summary
A mobile application security toolkit to provide binary obfuscation,
both static and dynamic at the compiler level for iOS and OSX applications.
The features target to defend against hackers, reverse engineers, software pirates, and competitors.


This LLVM based toolkit relies on advances is the use of cryptography,
code obfuscation, anti-debugging capabilities and novel iOS jailbreak detection.
It was developed as a part of DARPA’s Cyber Fast Track.


## AEG background material
Existing AE work focused on Restricted Models:
Sean Heelan’s “Automatic Generation of Control Flow Hijacking Exploits for Software Vulnerabilities”
David Brumley (@ Carnegie Mellon) et al. (AEG, MAYHEM, etc)
Most whitepapers on Cyber Grand Challenge! (CGC)

[Good Course Material]
https://www.cs.umd.edu/class/spring2013/cmsc631/lectures/symbolic-exec.pdf
https://www.utdallas.edu/~zxl111930/spring2012/public/lec4.pdf
http://web.mit.edu/16.399/www/lecture_01-intro/Cousot_MIT_2005_Course_01_4-1.pdf
http://homepage.cs.uiowa.edu/~tinelli/classes/seminar/Cousot.pdf

## Google Cyber Open Source Initiative
The Core Infrastructure Initiative (CII) and its members have come together to invest in core infrastructure,
providing funding for fundamental projects like OpenSSL, OpenSSH, NTPd and others.
These impact of these grants was felt immediately, with projects being able to add team members,
improve coding best practices, set up predictable release schedules and roadmaps and perform audits
to help future proof code. Under the guidance of the Advisory Board, CII is actively researching and
identifying new projects that need support and working with established projects to ensure best practices
are being followed to help create a culture of secure coding practices.

List of past projects:
GnuPG

## gist:8f4e81435a079d966d0d
Sharon Simmons
RPISEC
Department of Computer Science
Rensselaer Polytechnic Institute
Lally 209A
110 8th Street
Troy, NY  12180

## since 2:44pm?
10:33 loo    : Hello
10:33 loo    : xerphn: did you fix your issue?
10:33 loo    : doom: 200 upvotes!
10:33 loo    : Do people sleep now?
10:33 aweinstock    : https://opensource.com/life/15/10/open-source-cobol-development
10:33 RyanWithZombies    : doom: welcome to the frontier of human knowledge
10:33 RyanWithZombies    : at ToB, that's our response to when people are googling something and the only thing that comes up is projects by other ToB members
10:33 ***    : Playback Complete.
10:33 Mode: +nrt
10:33 Created at: Nov 13, 2014, 11:37 PM

## dump_prime.py
currentEa = 0x2214

i = 0
out = []
while i < 3476:
    out.append(Word(currentEa))
    currentEa += 2
    i += 1

fd = open(r'prime_index_map.py', 'wb')
	#!/bin/bash
	#!/usr/bin/env bash
	# Run this script in the main directory of openssl.
	# Requires python3


	set -e

	# download necessary parsing script
	wget https://gist.githubusercontent.com/quend/e44520133e2cd8a6da98ce1c2a02a7b1/raw/8c93794dc2dc6cdd84255eb2de8416b59cf53a9b/comp_db_generate.py
	#!/usr/bin/env python3

	'''
	This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License

	Generate a shell script to replicate build steps from a compile database
	produced by the Bear tool, but create bitcode files instead of object files.

	usage:
	./comp_db_generate.py -o build.sh -l [llvm root] compile_database.json \
	// clang -L/usr/local/opt/openssl/lib -I/usr/local/opt/openssl/include -lssl -lcrypto -O0 -g aesni_cbc_hmac_sha1_cipher.c && ./a.out

	#include <stdio.h>
	#include <string.h>

	#include <openssl/evp.h>
	#include <openssl/objects.h>
	#include <openssl/aes.h>
	#include <openssl/sha.h>
	#include <openssl/rand.h>
	A mobile application security toolkit to provide binary obfuscation,
	both static and dynamic at the compiler level for iOS and OSX applications.
	The features target to defend against hackers, reverse engineers, software pirates, and competitors.


	This LLVM based toolkit relies on advances is the use of cryptography,
	code obfuscation, anti-debugging capabilities and novel iOS jailbreak detection.
	It was developed as a part of DARPA’s Cyber Fast Track.
	Existing AE work focused on Restricted Models:
	Sean Heelan’s “Automatic Generation of Control Flow Hijacking Exploits for Software Vulnerabilities”
	David Brumley (@ Carnegie Mellon) et al. (AEG, MAYHEM, etc)
	Most whitepapers on Cyber Grand Challenge! (CGC)

	[Good Course Material]
	https://www.cs.umd.edu/class/spring2013/cmsc631/lectures/symbolic-exec.pdf
	https://www.utdallas.edu/~zxl111930/spring2012/public/lec4.pdf
	http://web.mit.edu/16.399/www/lecture_01-intro/Cousot_MIT_2005_Course_01_4-1.pdf
	http://homepage.cs.uiowa.edu/~tinelli/classes/seminar/Cousot.pdf
	The Core Infrastructure Initiative (CII) and its members have come together to invest in core infrastructure,
	providing funding for fundamental projects like OpenSSL, OpenSSH, NTPd and others.
	These impact of these grants was felt immediately, with projects being able to add team members,
	improve coding best practices, set up predictable release schedules and roadmaps and perform audits
	to help future proof code. Under the guidance of the Advisory Board, CII is actively researching and
	identifying new projects that need support and working with established projects to ensure best practices
	are being followed to help create a culture of secure coding practices.

	List of past projects:
	GnuPG
	Sharon Simmons
	RPISEC
	Department of Computer Science
	Rensselaer Polytechnic Institute
	Lally 209A
	110 8th Street
	Troy, NY 12180
	10:33 loo : Hello
	10:33 loo : xerphn: did you fix your issue?
	10:33 loo : doom: 200 upvotes!
	10:33 loo : Do people sleep now?
	10:33 aweinstock : https://opensource.com/life/15/10/open-source-cobol-development
	10:33 RyanWithZombies : doom: welcome to the frontier of human knowledge
	10:33 RyanWithZombies : at ToB, that's our response to when people are googling something and the only thing that comes up is projects by other ToB members
	10:33 *** : Playback Complete.
	10:33 Mode: +nrt
	10:33 Created at: Nov 13, 2014, 11:37 PM
	currentEa = 0x2214

	i = 0
	out = []
	while i < 3476:
	out.append(Word(currentEa))
	currentEa += 2
	i += 1

	fd = open(r'prime_index_map.py', 'wb')