Pointy Stick: Poking Through to the Heart of a Binary

Presented at THOTCON 0x5 (2014), April 25, 2014, noon (20 minutes)

License managers and validation routines are typically very small pieces of code, relative to the applications that contains them. However, to bypass software protections, static analysis is an inefficient method of locating code of interest. Traditional dynamic analysis suffers from lack of targeted snapshotting and tracing capabilities. This presentation debuts PointyStick, an application designed to allow targeted dynamic program tracing and memory snapshotting. PointyStick enables code regions of interest to be located rapidly, which can then be further analyzed.

Presenters:

• whistlepig
  Sam has always been passionate about finding ways to break things. Sam initially learned reverse engineering to crack protections on some of his favorite programs, which he of course had a license for. He has worn several hats since then, such as malware analyst, reverse engineer, kernel space developer, and is currently working as a cryptographer. He is also an avid beer fan and loves 312.

Similar Presentations:

• VB2018 / Android app deobfuscation using static-dynamic cooperation
• REcon 2013 / Hybrid Code Analysis: Overcoming Weaknesses of Dynamic Analysis in Malware Forensics