Reverse Engineering Automation
Author: Anton Dorfman
During reverse engineering, a researcher has to perform many routine tasks to find out what a program does and how it does it. These include isolating the code that implements a certain function, analyzing data dependencies at certain points of a program, identifying control dependencies, etc. For complicated software systems, a debugger and a disassembler are not enough. Apart from the Control Flow Graph (CFG) and decompilation, there are relatively new approaches, such as taint analysis, symbolic execution and dynamic binary instrumentation. There are also many technologies that raise the abstraction level of program representation and automate routine jobs. The talk will address the advantages of such technologies, examples of their application and open-source utilities that implement them.
Anton Dorfman is a researcher, reverser and assembly language fan. He dislikes routine jobs and is really interested in automating any reverse engineering tasks.
Anton graduated from Samara State Technical University with honors in 1999. He has lectured at his alma mater since 2001 and published more than 50 papers on information security. In 2007 he successfully defended his thesis on analyzing and modelling malware behavior.
He has been an organizer and playing coach of student CTF teams since 2009. Anton took third place in the Best Reverser contest at PHDays 2012, presented a 4-hour workshop on mastering shellcode at PHDays III and shared some ideas on data format reversing at ZeroNights 2013.