Presented at
DEF CON 16 (2008),
Aug. 9, 2008, 10 a.m.
(50 minutes).
This presentation will detail the newest developments in RE:Trace, a reverse engineering framework based on Ruby and DTrace. We will discuss implementations for walking and searching the heap on OS X, tracing for kernel and driver vulnerabilities, pinpointing format string bugs and leveraging custom application probes, such as those built into browser and database software.
Presenters:
-
David Weston
- Security Engineer, SAIC
David Weston is security researcher and penetration tester at Science Applications International Corporation. Pursuing a graduate degree his research interests include: Fuzzing and Reverse Engineering. He has an undergraduate degree from the University of California at Santa Barbara.
-
Tiller Beauchamp
- Senior Security Engineer, SAIC
Tiller Beauchamp works as a senior security consultant for SAIC providing security auditing services to large commercial, state and DoD customers. His areas of expertise include network penetration testing, web application security, IPv6 and exploit development. Beauchamp earned his M.S. in Computer Science from the University of Oregon with a specialization in software engineering. He has worked as the lead developer for Team Defend, SAIC's portable computer and network defense exercise. Beauchamp is also responsible for maintaining the company's penetration toolkit and penlab.
Links:
Similar Presentations: