Evdokimov python arsenal for re


  1. Python Arsenal for Reverse Engineering. Dmitry “D1g1” Evdokimov, DSecRG, Security Researcher
  2. #whoami (ZeroNights 2012)
     • Security Researcher in DSecRG
       – RE
       – Fuzzing
       – Mobile security
     • Organizer: DCG #7812
     • Editor in “XAKEP”
  3. Intro
  4. Perl?! Perl binding for IDA Pro:
     • http://cyrplw.svn.sourceforge.net/viewvc/cyrplw/perl/
     • http://redplait.blogspot.ru/2011/08/perl-inside-ida-pro.html
  5. Ruby?
     • Metasm - the Ruby assembly manipulation suite
     • Idarub - Ruby plugin for IDAPro
     • Ragweed - scriptable Win32/Linux/OSX debugger written in ruby
     • frasm - Ruby bindings for distorm64
     • LeafRub - x86 ELF Analysis and Debugging
     • rbkb - A miscellaneous collection of command-line tools and ruby library helpers related to pen-testing and reversing
     • jdi_hook - JRuby based scriptable Java debugger using the JDI interface
     • ???
  6. Python! BeaEnginePython, bochs-python-instrumentation, Buggery, Ctypes, Deviare, dislib, diStorm, FrASM, IDAPython, ImmLIB, libdisassemble, lldb, llvmpy, Macholib, Miasm, OllyPython, PDBparse, PEEL, pefile, PIDA, PinPy, ProcessTap, pyasm, PyBox, PyCodin, pydasm, Pydb, PyDBG, PyDbgEng, pydbgr, PyDevTools, pydot, pydusa, PyEA, PyELF, Pyelftools, PyEMU, pyew, pygdb, pyHIEW, pykd, Pylibemu, pylibscizzle, pyMem, pymsasid, pyREtic, PySTP, python-adb, python-haystack, python-ptrace, PythonGdb, pytracer, radapy, ramooflax, uhooker, Vivisect, vtrace, WinAppDbg, Z3-python, Z3Py, …
  7. Example [diagram; labels: IDAPython, Target, IDA Pro, TestCase, Fuzzer, Generator, Z3Py, vtrace, Monitor, Target, ProcessTap, CodeCoverage analyzer]
  8. The first idea
  9. Web portal: http://pythonarsenal.dsecrg.ru/ and http://pythonarsenal.erpscan.com/
  10. Site: Main
  11. Library: Description
  12. Site: Search
  13. Site: Feedback
  14. Conclusion
     - Gratz!
       - Anton Astafiev
     - Future work
       - Update/implementation/fix
       - Development
       - News
       - Statistics/graph/chart
  15. Contact
     • Twitter: @evdokimovds
     • E-mail: d.evdokimov@dsecrg.com
