Rushing Recon 2011!!!

Fri 29 July 2011 by alex

Hi everyone,

In the beginning of July, several people from our lab were in Montreal for the Recon conference, where we gave four talks. We really enjoyed our time there. The panel of talks was, once again, amazing. It was an opportunity to meet great people, and to enjoy beers ...


Metasm HowTo: bintrace

Mon 19 July 2010 by alex

Finally, here is the tool we presented at RECON. Our objective is to demonstrate that Metasm allows tools to be developed quickly and efficiently; in this particular case, we have developed a basic code tracing tool.

bintrace provides a few modules: TraceOS, TraceDB, TraceEngine and BranchTraceEngine. They are designed ...


REcon 2010 was really HOT!

Thu 15 July 2010 by alex

And I am not speaking about adult entertainment, but about the crash of the air conditioning system in the hotel during the whole conference. This issue apart, RECON perfectly applies a simple mojo: if you want to make a bunch of reversers happy, talk to them about reverse-engineering. The conference ...


HITB Amsterdam 2010 quick thoughts

Mon 05 July 2010 by alex

Hi all,

Just last week, a few lucky people from our lab attended the HITB Conference in Amsterdam (the first time for HITB in Europe!).

We had a really great time there.

Damien and Christophe gave a presentation about the subversion of the Windows 7 x64 kernel using DMA ...


A look back at the HITB Malaysia 2009 conference

Thu 08 October 2009 by alex

The Hack In The Box 2009 conference took place from 5 to 8 October in Kuala Lumpur, Malaysia. Here is a summary of the talks we were able to attend.

Hardware is the new software, Joe Grand aka kingpin

It is Joe Grand (a member of the L0pht group in the 1990s ...


How to: Create a new processor in Metasm

Fri 02 October 2009 by alex

Some guys from our lab took part in the last Defcon CTF in Vegas. While trying to sharpen our tools before the CTF, we had this brilliant idea (actually not so brilliant) "Hey, DDTEK guys proposed a challenge based on a virtual machine in the quals, they may re-use it ...


Is this PDF malicious?

Mon 06 July 2009 by alex

Scanning a PDF to check whether it is malicious or not is not that easy. We have previously seen surprising results (new tests will come later). Today, we would like to focus on analyzing a PDF, based on 2 scripts we added in the latest origami.

Scanning PDF: what for?

Every ...


SSTIC 2009 Challenge vs Metasm

Fri 03 July 2009 by alex

A few weeks ago, preceding the 2009 SSTIC conference, the wonderful Stéphane Duverger proposed the SSTIC 2009 Challenge. It has been one of the most interesting reverse challenges I've seen these last months and I will take advantage of it to describe a few use cases of Metasm.

I strongly encourage ...


EICAR Conference 2009, feedback from Berlin

Wed 20 May 2009 by alex

Last week Julien and I were in Berlin to attend the 18th EICAR conference.

Julien gave a talk on the analysis of a botnet. Based on a technical analysis of the infector and the pieces it drops, he, Damien and Christophe were able to get a discerning picture of ...


Metasm VS Challenge T2'08

Wed 15 October 2008 by alex

The T2 conference takes place in Helsinki, Finland, and offers a reverse-engineering challenge every year. We will study it with Metasm, and I will take the opportunity in this post to present a new feature of the tool, developed for the occasion.

As a reminder, the protections implemented the ...
