Binary Reverse-Engineering and Batch Binary-Diffing
2023-09-08, 19:25–21:25 (Europe/Berlin), Pupin

When analyzing a system, reverse engineering a program at the binary level is often needed to understand its behavior. Common use cases are malware analysis and security assessment to uncover vulnerabilities. Reverse engineering usually requires working on the disassembled program to perform manual or automated analysis. Furthermore, we usually end up analyzing a whole bunch of programs and comparing them with binary diffing. The latter is essential for comparing variants of the same program or malware. It is also useful for inspecting updates published by vendors in order to understand a patch. This workshop introduces a variety of Python programs and libraries that we developed to automate the analysis of disassembled programs, to automate the diffing and to automate the analysis of the differences!

Robin David is a French software security researcher focused on reverse-engineering
and software testing (fuzzing, symbolic execution). Having originally worked on attacking
obfuscated software during his PhD at the Atomic Energy Commission (CEA), he is now a
full-time security researcher at Quarkslab, where he leads the automated analysis team.
He regularly presents his research at conferences like Black Hat and is a trainer
for RingZero.

Riccardo Mori is a security researcher working at Quarkslab in the automated
analysis team. His main research topics include binary diffing and binary exporters.

He is an active developer of both internal and open-source tools at the
company.