BinCAT: purrfecting binary static analysis

Presented at REcon 2017, June 16, 2017, 3 p.m. (30 minutes)

We present BinCAT, a new open source static analyzer of x86 binary code. It currently implements control flow graph reconstruction, value analysis, taint analysis at the bit level and type reconstruction. Analyses can be led either in forward or backward mode. We expect this tool to be more useful than existing ones as it is (i) extensible in terms of analysis capabilities and supported architectures; (ii) scriptable and (iii) fully integrated into IDA.

Presenters:

• Raphaël Rigo
• Sarah Zennou
• Xavier Mehrenberger
• Philippe Biondi

Links:

• https://recon.cx/2017/montreal/talks/bincat.html
• https://infocon.org/cons/REcon/REcon 2017 Montreal/REcon 2017 Montreal videos/philippe-biondi-xavier-mehrenberger-raphael-rigo-sarah-zennou-BinCAT-purrfecting-binary-static-analysis.mp4
• https://infocon.org/cons/REcon/REcon 2017 Montreal/REcon 2017 Montreal presentations/RECON-MTL-2017-bincat.pdf (slides)

Similar Presentations:

• ShmooCon IX (2013) / Mastiff: Automated Static Analysis Framework
• Black Hat USA 2013 / How to Grow a TREE (Taint-enabled Reverse Engineering Environment) From CBASS (Cross-platform Binary Automated Symbolic-execution System)
• REcon Brussels 2017 / Analyzing iOS apps: road from AppStore to security analysis report