Static instrumentation based on executable file formats: A novel approach for binaries analysis

Presented at REcon 2018, June 16, 2018, 10:30 a.m. (30 minutes).

Many instrumentation techniques are based on modifying code or system environment of the target. It can be suitable for scenarios but it could not work under certain circumstance (integrity checking, non-rooted environment...) In this talk we propose similar techniques by only modifying the executable format. This enables to be architecture independent, injection and hooking does not require privileged environment.


Presenters:

  • Romain Thomas
    Romain Thomas is a security engineering working on the development of new tools to assist security researchers. He is also interested in Android internal, (de)obfuscation and software protections. He previously contributed to the Triton project, a dynamic binary analysis framework.

Links:

Similar Presentations: