Presented at ToorCon San Diego 13 (2011)
Oct. 9, 2011, 3:30 p.m.
This presentation will focus on Deobfuscator technology targeted at Reverse Engineering protected .NET binaries.
Developers and businesses try to protect their source code and intellectual property from Decompilation, the first line of protection they commonly use is Obfuscators. The talk will cover the features of a popular Obfuscator and show how each step of Obfuscation is implemented and subsequently subverted. This will increase the usability and effectiveness of Decompilers used by both White and Black Hat Reverse Engineers and Developers.
Free Tools to Decompile and Deobfuscate compiled .NET applications will be released.
Jon McCoy is a .NET Software Engineer that focuses on security and forensics. He has worked on a number of Open Source projects ranging from hacking tools to software for paralyzed people. With a deep knowledge of programming under the .NET Framework he has released new attacks on live applications and the .NET Framework itself. He provides consulting to protect .NET applications.
Johannes Doring is a developer during the day and a hacker in the night. Coding since he was a kid, starting in Q-Basic and Pascal then some C, Java and Assembler. He has spent the last 10 years living in the .NET Framework under C# and has been hooked on .NET since the first beta. He has focused on language parsing and application security. A member of the CCC since 1996.