Friday, March 4, 2011

Looking Into the Eye of the Bits

During the past four years I've been developing tools for research and implementation of a new type of software analysis. I've discussed these tools on a various occasions such as RECon2010, Nullcon2011 and DC9723.
The purpose of these tools is to recover internal implementation details using only passive memory analysis, and without requiring any disassembly.
These tools are now available under GPL license on the following links:
https://github.com/assafnativ/NativDebugging

The latest version of the presentation + WP is available in the SVN of pymint:
https://github.com/assafnativ/NativDebugging/tree/master/docs

For more details on the subject you are more than welcome to visit the websites of the kind conferences which gave me the place to mumble about my work:
http://nullcon.net/speakers/bakkar/
http://recon.cx/2010/speakers.html#memory
http://wiki.dc9723.org/wiki/Meetings

I'm currently looking for more places to spread my word, if you know of such, please contact me.