Sebastian Porst - Reverse-Engineering Flash Files with SWFRETools

•Download as PPTX, PDF•

1 like•152,460 views

Source Conference

The document discusses SWFRETools, a set of tools for reverse engineering Flash files (SWF). It introduces four tools: a parser that extracts metadata and tags from SWF files, a dissector that analyzes the parsed data, a tracer/debugger that allows dynamic analysis of SWF files, and a minimizer that reduces SWF files to their minimal form. The talk encourages participation in the open source SWFRETools project on GitHub to further develop and improve the tools.

Business Technology

Reverse-Engineering Flash Files with SWFRETools Sebastian Porst (sp@porst.tv) – SOURCE Boston 2011

About Me 2

Current Work 3

What this talk is about Ship it! 4

What this talk is not about 5

Why is this relevant? 6

SWF Files: An Overview Header Tag 1 Tag 2 Tag 3 Tag 4 … Tag n 7

SWF Files: Interesting Aspects 8

Existing Tools SWFTools Flash Dump Decompiler swfmill Sothink SWF Decompiler 9

Problems with existing tools SWFTools Flash Dump Decompiler Crashes Old Limited Wrong tool swfmill Sothink SWF Decompiler 10

Introducing SWFRETools 11

Goals 12

Architecture 13

Tool I: The Parser 14

Parser Goals 15

Workflow Intermezzo I 16

Tool 2: Flash Dissector 17

Flash Dissector Goals 18

Flash Dissector Demo 19

Weaknesses of Flash Dissector 20

Flash Dissector Future 21

Workflow Intermezzo II 22

Static analysis vs Dynamic analysis 23

Detour: Flash Player Debugger 24

Detour: Flash Player Debugger 25

Tool III: Tracer/Debugger 26

Tracer Implementation 27

Last week in China 28

Last week in China 29

Tracer Plans 30

Workflow Intermezzo III 31

Minimizing sample files 32

Minimizing files without templates 33

Do not forget RETURN 34 Function A Function B Crash here

Tool IV: Minimizer 35

Automated minimizing 36

Minimizer Goals 37

Off to GitHub we go! Shipped! https://github.com/sporst 38

Call for participation 39

Summary 40

Thank you! 41 ?

Let me help … 42

Image Credits http://www.flickr.com/photos/markchadwick/4592186576/ 43

More Related Content

Viewers also liked

YQL - Christian Heilmann Open Hack London presentation

YQL - Christian Heilmann Open Hack London presentation

YQL - Christian Heilmann Open Hack London presentation

Conférence Net Neutrality

Conférence Net Neutrality

Conférence Net Neutrality

Kaspersky endpoint security 8 для windows и kaspersky security center. лиценз...

Kaspersky endpoint security 8 для windows и kaspersky security center. лиценз...

Kaspersky endpoint security 8 для windows и kaspersky security center. лиценз...

Теоретические основы и практические навыки выявления уязвимостей в реальных программах методом фаззинга (англ. Fuzzing). Внимание будет уделено как популярным фреймворкам, так и разработке собственных инструментов под конкретные задачи. В рамках мастер-класса также будет рассказано о передовых и перспективных технологиях анализа кода, которым только предстоит найти своё место в повседневной работе исследователя уязвимостей.

Positive Hack Days. Олексюк. Автоматический поиск уязвимостей в программах бе...

Positive Hack Days. Олексюк. Автоматический поиск уязвимостей в программах бе...

Positive Hack Days. Олексюк. Автоматический поиск уязвимостей в программах бе...

Positive Hack Days

Проведение сертификационных испытаний на отсутствие НДВ. Можно ли найти НДВ?

Проведение сертификационных испытаний на отсутствие НДВ. Можно ли найти НДВ?

Проведение сертификационных испытаний на отсутствие НДВ. Можно ли найти НДВ?

Учебный центр "Эшелон"

Автоматический поиск уязвимостей в программах без исходных текстов

Автоматический поиск уязвимостей в программах без исходных текстов

Автоматический поиск уязвимостей в программах без исходных текстов

Бинарные уязвимости и эксплойты: технологии и перспективы

Бинарные уязвимости и эксплойты: технологии и перспективы

Бинарные уязвимости и эксплойты: технологии и перспективы

David Snead - Nailing Down Security Regulations

David Snead - Nailing Down Security Regulations

David Snead - Nailing Down Security Regulations

Source Conference

Непрерывный анализ качества кода с помощью SonarQube

Непрерывный анализ качества кода с помощью SonarQube

Непрерывный анализ качества кода с помощью SonarQube

Vasilii Chernov

Double Dog Dare

Double Dog Dare

Double Dog Dare

Matt Summers, NCC Group - Web technology has changed a lot in the last 25 years but the underlying transport mechanism has stayed the same. The web we have today was not designed for the plethora of new device types and communication methods but things are changing and you probably don’t even know it. You probably don’t even notice the problem because it is so ingrained. In this presentation we are going to delve into the problems with the web and how we use it today. We will also take an in depth look at the proposed solutions for the next generation web and the implications that come with it.

I want the next generation web here SPDY QUIC

I want the next generation web here SPDY QUIC

I want the next generation web here SPDY QUIC

Source Conference

Stephen Doherty, Symantec - iBanking is a relative newcomer to the mobile malware scene whose use was first identified in August of 2013. The Trojan targets Android devices and can be remotely controlled over SMS and HTTP. iBanking began life as a simple SMS stealer and call redirector, but has undergone significant development since then. iBanking is available for purchase on a private underground forum for between $4k - $5k, with the next release expected to include a 0-day exploit for the Android operating system. This presentation will discuss iBanking - it's capabilities and the reasons for targeting mobile devices.

iBanking - a botnet on Android

iBanking - a botnet on Android

iBanking - a botnet on Android

Source Conference

Контроль уязвимостей в программных приложениях

Контроль уязвимостей в программных приложениях

Контроль уязвимостей в программных приложениях

jet_information_security

Viewers also liked (13)

YQL - Christian Heilmann Open Hack London presentation

YQL - Christian Heilmann Open Hack London presentation

YQL - Christian Heilmann Open Hack London presentation

Conférence Net Neutrality

Conférence Net Neutrality

Conférence Net Neutrality

Kaspersky endpoint security 8 для windows и kaspersky security center. лиценз...

Kaspersky endpoint security 8 для windows и kaspersky security center. лиценз...

Kaspersky endpoint security 8 для windows и kaspersky security center. лиценз...

Positive Hack Days. Олексюк. Автоматический поиск уязвимостей в программах бе...

Positive Hack Days. Олексюк. Автоматический поиск уязвимостей в программах бе...

Positive Hack Days. Олексюк. Автоматический поиск уязвимостей в программах бе...

Проведение сертификационных испытаний на отсутствие НДВ. Можно ли найти НДВ?

Проведение сертификационных испытаний на отсутствие НДВ. Можно ли найти НДВ?

Проведение сертификационных испытаний на отсутствие НДВ. Можно ли найти НДВ?

Автоматический поиск уязвимостей в программах без исходных текстов

Автоматический поиск уязвимостей в программах без исходных текстов

Автоматический поиск уязвимостей в программах без исходных текстов

Бинарные уязвимости и эксплойты: технологии и перспективы

Бинарные уязвимости и эксплойты: технологии и перспективы

Бинарные уязвимости и эксплойты: технологии и перспективы

David Snead - Nailing Down Security Regulations

David Snead - Nailing Down Security Regulations

David Snead - Nailing Down Security Regulations

Непрерывный анализ качества кода с помощью SonarQube

Непрерывный анализ качества кода с помощью SonarQube

Непрерывный анализ качества кода с помощью SonarQube

Double Dog Dare

Double Dog Dare

Double Dog Dare

I want the next generation web here SPDY QUIC

I want the next generation web here SPDY QUIC

I want the next generation web here SPDY QUIC

iBanking - a botnet on Android

iBanking - a botnet on Android

iBanking - a botnet on Android

Контроль уязвимостей в программных приложениях

Контроль уязвимостей в программных приложениях

Контроль уязвимостей в программных приложениях

Similar to Sebastian Porst - Reverse-Engineering Flash Files with SWFRETools

Non-Blocking Strategies for FFI

Non-Blocking Strategies for FFI

Non-Blocking Strategies for FFI

Using FlexUnit 4 with Flash CS5

Using FlexUnit 4 with Flash CS5

Using FlexUnit 4 with Flash CS5

Ben Schmidtke III

[Rakuten TechConf2014] [E-4] Rakuten Front-end Framework Project

[Rakuten TechConf2014] [E-4] Rakuten Front-end Framework Project

[Rakuten TechConf2014] [E-4] Rakuten Front-end Framework Project

Rakuten Group, Inc.

How different is software and IC development? Let's answer with a relative estimation: It's as different as soccer and basketball. Besides both being team sports and the goal to score more points than the other team, everything else if different. If software and IC development are that different, why should Agile work in an IC development environment? Wait! Let's have a closer look. There are more commonalities as you can see on the first glance. IC development also requires satisfying customer requirements as early as possible, deals with changing requirements, needs to have frequent product releases and requires technical excellence and good design. And these are certainly areas where agile principles have been proven to be successful. As an IC development organization for an embedded microcontroller we experienced over the last projects that the "game" changed. While projects got more complex and development cycle times longer, customers required products earlier than before and new requirements came up more frequently. It was time to change the way we play! This talk demonstrates how we changed our existing IC development flow to an Agile IC development process. It shows which agile practices we’ve chosen and how we applied them to our development process. It shows the challenges we faced in the transition and the success stories we experienced. It also gives an outlook how the process can be even more agile.

How to play basketball with a soccer team? - Make IC development more agile

How to play basketball with a soccer team? - Make IC development more agile

How to play basketball with a soccer team? - Make IC development more agile

Tobias Leisgang

Improving the Pharo VM

Improving the Pharo VM

Improving the Pharo VM

As file format specs leave room for interpretation and sometimes are misunderstood or ignored by the programmers, some well-formed files may be interpreted inconsistently by different tools and libraries. As a result, this can be (ab)used for simple jokes, anti-forensics or to bypass sanitizers which might lead to data exfiltration. Ange Albertini: Reverse Engineer, author of Corkami Gynvael Coldwind: His main areas of interest are low-level security (kernel, OS, client), web security and reverse-engineering. Captain of Dragon Sector CTF team :) Currently working as an Information Security Engineer at Google.

Ange Albertini and Gynvael Coldwind: Schizophrenic Files – A file that thinks...

Ange Albertini and Gynvael Coldwind: Schizophrenic Files – A file that thinks...

Ange Albertini and Gynvael Coldwind: Schizophrenic Files – A file that thinks...

Schizophrenic files

Schizophrenic files

Schizophrenic files

Paweł Skotnicki: Mówi się, że w programowaniu trudne są dwie rzeczy: unieważnienie cache i nazywanie rzeczy. Częścią nazwy klasy jest jej namespace – i to na tym skupi się ta prezentacja. Nasze podejście do struktury plików w projekcie ewoluuje wraz z naszym doświadczeniem i złożonością aplikacji. Jak zmieniały się “dobre praktyki”? Czy struktura proponowana przez frameworki to jedyna słuszna droga? A może kod da się uporządkować w inny sposób? Nie obiecuję, że wręczę wam “złoty młotek”, ale na pewno chętnie podzielę się moimi przemyśleniami.

$Am\I\Doing\It\Right? Struktura plików w PHP$ $Am\I\Doing\It\Right? Struktura plików w PHP$

Am\I\Doing\It\Right? Struktura plików w PHP

The Software House

What is (not) Pharo 8?

What is (not) Pharo 8?

What is (not) Pharo 8?

Visual Studio 2010 for SharePoint Developers

Visual Studio 2010 for SharePoint Developers

Visual Studio 2010 for SharePoint Developers

Introduction to Plone (November 2003)

Introduction to Plone (November 2003)

Introduction to Plone (November 2003)

Kiran Jonnalagadda

Open source is for life, not just for Christmas

Open source is for life, not just for Christmas

Open source is for life, not just for Christmas

OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...

OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...

OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...

“State of the Tooling” in Open Source Automation

“State of the Tooling” in Open Source Automation

“State of the Tooling” in Open Source Automation

Apache Software Foundation: How To Contribute, with Apache Flink as Example (...

Apache Software Foundation: How To Contribute, with Apache Flink as Example (...

Apache Software Foundation: How To Contribute, with Apache Flink as Example (...

Apache Flink Taiwan User Group

From Little Rock Tech Fest 2017 With the updates to iOS and Android phones released earlier this year, Web Components are now supported natively. With libraries such as Polymer that are built on top of Web Components, it is now possible to easily create fast Progressive Web Apps (PWAs) without the overhead of a framework. In this workshop, we'll begin with a brief introduction to Web Components and Polymer, and then dive into hands-on experiences with the core aspects of Web Components: the <template> tag, Custom Elements, and the Shadow DOM. This workshop assumes an understanding of HTML, CSS & JavaScript. No prior experience with Web Components, Polymer, or any library or framework (Web Components or otherwise) is required.

Workshop: Introduction to Web Components & Polymer

Workshop: Introduction to Web Components & Polymer

Workshop: Introduction to Web Components & Polymer

Developing rich multimedia applications with FI-WARE.

Developing rich multimedia applications with FI-WARE.

Developing rich multimedia applications with FI-WARE.

PyCon TW 2017 - Why do projects fail? Let's talk about the story of Sinon.PY

PyCon TW 2017 - Why do projects fail? Let's talk about the story of Sinon.PY

PyCon TW 2017 - Why do projects fail? Let's talk about the story of Sinon.PY

FTC6 Jean-Emmanuel Rodriguez welcome Frogans Technology 6 2016/02/16

FTC6 Jean-Emmanuel Rodriguez welcome Frogans Technology 6 2016/02/16

FTC6 Jean-Emmanuel Rodriguez welcome Frogans Technology 6 2016/02/16

Organization for the Promotion, Protection and Progress of Frogans Technology

Autopsy 3 is an easy to use digital forensics tool. Its development started after discussions at the first OSDF conference, with the goal of being a platform for which other developers will write modules. Autopsy allows you to perform a digital forensics exam on Windows using a free tool. This talk will cover the basic features of Autopsy, including timeline analysis, registry analysis, web artifact analysis, keyword search, and hash sets. There will also be discussion about future modules, and how to get involved as a user or developer.

OSDF 2013 - Autopsy 3: Extensible Desktop Forensics by Brian Carrier

OSDF 2013 - Autopsy 3: Extensible Desktop Forensics by Brian Carrier

OSDF 2013 - Autopsy 3: Extensible Desktop Forensics by Brian Carrier

Basis Technology

Similar to Sebastian Porst - Reverse-Engineering Flash Files with SWFRETools (20)

Non-Blocking Strategies for FFI

Non-Blocking Strategies for FFI

Non-Blocking Strategies for FFI

Using FlexUnit 4 with Flash CS5

Using FlexUnit 4 with Flash CS5

Using FlexUnit 4 with Flash CS5

[Rakuten TechConf2014] [E-4] Rakuten Front-end Framework Project

[Rakuten TechConf2014] [E-4] Rakuten Front-end Framework Project

[Rakuten TechConf2014] [E-4] Rakuten Front-end Framework Project

How to play basketball with a soccer team? - Make IC development more agile

How to play basketball with a soccer team? - Make IC development more agile

How to play basketball with a soccer team? - Make IC development more agile

Improving the Pharo VM

Improving the Pharo VM

Improving the Pharo VM

Ange Albertini and Gynvael Coldwind: Schizophrenic Files – A file that thinks...

Ange Albertini and Gynvael Coldwind: Schizophrenic Files – A file that thinks...

Ange Albertini and Gynvael Coldwind: Schizophrenic Files – A file that thinks...

Schizophrenic files

Schizophrenic files

Schizophrenic files

$Am\I\Doing\It\Right? Struktura plików w PHP$ $Am\I\Doing\It\Right? Struktura plików w PHP$

Am\I\Doing\It\Right? Struktura plików w PHP

What is (not) Pharo 8?

What is (not) Pharo 8?

What is (not) Pharo 8?

Visual Studio 2010 for SharePoint Developers

Visual Studio 2010 for SharePoint Developers

Visual Studio 2010 for SharePoint Developers

Introduction to Plone (November 2003)

Introduction to Plone (November 2003)

Introduction to Plone (November 2003)

Open source is for life, not just for Christmas

Open source is for life, not just for Christmas

Open source is for life, not just for Christmas

OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...

OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...

OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...

“State of the Tooling” in Open Source Automation

“State of the Tooling” in Open Source Automation

“State of the Tooling” in Open Source Automation

Apache Software Foundation: How To Contribute, with Apache Flink as Example (...

Apache Software Foundation: How To Contribute, with Apache Flink as Example (...

Apache Software Foundation: How To Contribute, with Apache Flink as Example (...

Workshop: Introduction to Web Components & Polymer

Workshop: Introduction to Web Components & Polymer

Workshop: Introduction to Web Components & Polymer

Developing rich multimedia applications with FI-WARE.

Developing rich multimedia applications with FI-WARE.

Developing rich multimedia applications with FI-WARE.

PyCon TW 2017 - Why do projects fail? Let's talk about the story of Sinon.PY

PyCon TW 2017 - Why do projects fail? Let's talk about the story of Sinon.PY

PyCon TW 2017 - Why do projects fail? Let's talk about the story of Sinon.PY

FTC6 Jean-Emmanuel Rodriguez welcome Frogans Technology 6 2016/02/16

FTC6 Jean-Emmanuel Rodriguez welcome Frogans Technology 6 2016/02/16

FTC6 Jean-Emmanuel Rodriguez welcome Frogans Technology 6 2016/02/16

OSDF 2013 - Autopsy 3: Extensible Desktop Forensics by Brian Carrier

OSDF 2013 - Autopsy 3: Extensible Desktop Forensics by Brian Carrier

OSDF 2013 - Autopsy 3: Extensible Desktop Forensics by Brian Carrier

More from Source Conference

Mathieu Letourneau, Andrei Saygo, Eoin Ward, Microsoft This talk will present our research project on .Net file clustering based on their respective basic blocks and the parallel that can be made with DNA sequence variation analysis. We implemented a system that extracts the basic blocks on each file and creates clusters based on them. We also developed an IDA plugin to make use of that data and speed up our analysis of .Net files. Andrei Saygo, Eoin Ward and Mathieu Letourneau all work as Anti-Malware Security Engineers in the AM Scan team of Microsoft’s Product Release & Security Services group in Dublin, Ireland.

From DNA Sequence Variation to .NET Bits and Bobs

From DNA Sequence Variation to .NET Bits and Bobs

From DNA Sequence Variation to .NET Bits and Bobs

Source Conference

Extracting Forensic Information From Zeus Derivatives

Extracting Forensic Information From Zeus Derivatives

Extracting Forensic Information From Zeus Derivatives

Source Conference

Brian Honan, IRISSCERT Social media networks provide individuals and businesses with exciting opportunities to communicate and collaborate with others throughout the world. But with these opportunities come a number of security challenges and risks. This talk will outline how social media networks can pose various threats to businesses, from information leakage, reputational damage, to social engineering profiling, and vectors for enabling compromise of corporate systems. Social media networks also enable the rapid dissemination of news which in the event of an information security breach could either save or destroy an organisations reputation. Understanding and dealing with these challenges will enable companies to like and favourite social media networks in a secure way. Brian Honan is an independent security consultant based in Dublin, Ireland, and is the founder and head of IRISSCERT, Ireland's first CERT. He is a Special Advisor to Europol's Cybercrime Centre (EC3), an adjunct lecturer on Information Security in University College Dublin. He is the author of the book "ISO 27001 in a Windows Environment" and co-author of "The Cloud Security Rules", and regularly speaks at major industry conferences. In 2013 Brian was awarded SC Magazine's Information Security Person of the year for his contribution to the computer security industry.

How to Like Social Media Network Security

How to Like Social Media Network Security

How to Like Social Media Network Security

Source Conference

Wfuzz para Penetration Testers

Wfuzz para Penetration Testers

Wfuzz para Penetration Testers

Source Conference

Security Goodness with Ruby on Rails

Security Goodness with Ruby on Rails

Security Goodness with Ruby on Rails

Source Conference

Securty Testing For RESTful Applications

Securty Testing For RESTful Applications

Securty Testing For RESTful Applications

Source Conference

Esteganografia

Source Conference

Men in the Server Meet the Man in the Browser

Men in the Server Meet the Man in the Browser

Men in the Server Meet the Man in the Browser

Source Conference

Advanced Data Exfiltration The Way Q Would Have Done It

Advanced Data Exfiltration The Way Q Would Have Done It

Advanced Data Exfiltration The Way Q Would Have Done It

Source Conference

Adapting To The Age Of Anonymous

Adapting To The Age Of Anonymous

Adapting To The Age Of Anonymous

Source Conference

Are Agile And Secure Development Mutually Exclusive?

Are Agile And Secure Development Mutually Exclusive?

Are Agile And Secure Development Mutually Exclusive?

Source Conference

Advanced (persistent) binary planting

Advanced (persistent) binary planting

Advanced (persistent) binary planting

Source Conference

Legal/technical strategies addressing data risks as perimeter shifts to Cloud

Legal/technical strategies addressing data risks as perimeter shifts to Cloud

Legal/technical strategies addressing data risks as perimeter shifts to Cloud

Source Conference

Who should the security team hire next?

Who should the security team hire next?

Who should the security team hire next?

Source Conference

The Latest Developments in Computer Crime Law

The Latest Developments in Computer Crime Law

The Latest Developments in Computer Crime Law

Source Conference

JSF Security

Source Conference

How To: Find The Right Amount Of Security Spend

How To: Find The Right Amount Of Security Spend

How To: Find The Right Amount Of Security Spend

Source Conference

Everything you should already know about MS-SQL post-exploitation

Everything you should already know about MS-SQL post-exploitation

Everything you should already know about MS-SQL post-exploitation

Source Conference

Keynote

Source Conference

Threat Modeling: Best Practices

Threat Modeling: Best Practices

Threat Modeling: Best Practices

Source Conference

More from Source Conference (20)

From DNA Sequence Variation to .NET Bits and Bobs

From DNA Sequence Variation to .NET Bits and Bobs

From DNA Sequence Variation to .NET Bits and Bobs

Extracting Forensic Information From Zeus Derivatives

Extracting Forensic Information From Zeus Derivatives

Extracting Forensic Information From Zeus Derivatives

How to Like Social Media Network Security

How to Like Social Media Network Security

How to Like Social Media Network Security

Wfuzz para Penetration Testers

Wfuzz para Penetration Testers

Wfuzz para Penetration Testers

Security Goodness with Ruby on Rails

Security Goodness with Ruby on Rails

Security Goodness with Ruby on Rails

Securty Testing For RESTful Applications

Securty Testing For RESTful Applications

Securty Testing For RESTful Applications

Esteganografia

Men in the Server Meet the Man in the Browser

Men in the Server Meet the Man in the Browser

Men in the Server Meet the Man in the Browser

Advanced Data Exfiltration The Way Q Would Have Done It

Advanced Data Exfiltration The Way Q Would Have Done It

Advanced Data Exfiltration The Way Q Would Have Done It

Adapting To The Age Of Anonymous

Adapting To The Age Of Anonymous

Adapting To The Age Of Anonymous

Are Agile And Secure Development Mutually Exclusive?

Are Agile And Secure Development Mutually Exclusive?

Are Agile And Secure Development Mutually Exclusive?

Advanced (persistent) binary planting

Advanced (persistent) binary planting

Advanced (persistent) binary planting

Legal/technical strategies addressing data risks as perimeter shifts to Cloud

Legal/technical strategies addressing data risks as perimeter shifts to Cloud

Legal/technical strategies addressing data risks as perimeter shifts to Cloud

Who should the security team hire next?

Who should the security team hire next?

Who should the security team hire next?

The Latest Developments in Computer Crime Law

The Latest Developments in Computer Crime Law

The Latest Developments in Computer Crime Law

JSF Security

How To: Find The Right Amount Of Security Spend

How To: Find The Right Amount Of Security Spend

How To: Find The Right Amount Of Security Spend

Everything you should already know about MS-SQL post-exploitation

Everything you should already know about MS-SQL post-exploitation

Everything you should already know about MS-SQL post-exploitation

Keynote

Threat Modeling: Best Practices

Threat Modeling: Best Practices

Threat Modeling: Best Practices

Recently uploaded

Cultivating and maintaining discipline within teams is a critical differentiator for successful organisations. Forward-thinking leaders and business managers understand the impact that discipline has on organisational success. A disciplined workforce operates with clarity, focus, and a shared understanding of expectations, ultimately driving better results, optimising productivity, and facilitating seamless collaboration. Although discipline is not a one-size-fits-all approach, it can help create a work environment that encourages personal growth and accountability rather than solely relying on punitive measures. In this deck, you will learn the significance of workplace discipline for organisational success. You’ll also learn • Four (4) workplace discipline methods you should consider • The best and most practical approach to implementing workplace discipline. • Three (3) key tips to maintain a disciplined workplace.

Cracking the Workplace Discipline Code Main.pptx

Cracking the Workplace Discipline Code Main.pptx

Cracking the Workplace Discipline Code Main.pptx

Workforce Group

Special Purpose Vehicle (Purpose, Formation & examples)

Special Purpose Vehicle (Purpose, Formation & examples)

Special Purpose Vehicle (Purpose, Formation & examples)

Business Valuation Principles for Entrepreneurs

Business Valuation Principles for Entrepreneurs

Business Valuation Principles for Entrepreneurs

anas about venice for grade 6f about venice

anas about venice for grade 6f about venice

anas about venice for grade 6f about venice

anasabutalha2013

India’s Recommended Women Surgeons to Watch in 2024.pdf

India’s Recommended Women Surgeons to Watch in 2024.pdf

India’s Recommended Women Surgeons to Watch in 2024.pdf

USA classified ads posting – best classified sites in usa.pdf

USA classified ads posting – best classified sites in usa.pdf

USA classified ads posting – best classified sites in usa.pdf

superbizness1227

Evolution and Growth of Supply chain.pdf

Evolution and Growth of Supply chain.pdf

Evolution and Growth of Supply chain.pdf

Ready to unlock the full potential of your LinkedIn profile? Join us for an immersive workshop where you'll gain invaluable insights and practical tips to optimize your profile, expand your network, and elevate your personal brand. Official event during Techweek NZ: May 23rd @ 6pm - 7:30pm St Peters Church Garden Room 211 Willis Street, Te Aro, Wellington New Zealand Google Meet Link: View details and RSVP https://calendar.app.google/h34Jub18s6Ri31NS7

LinkedIn Masterclass Techweek 2024 v4.1.pptx

LinkedIn Masterclass Techweek 2024 v4.1.pptx

LinkedIn Masterclass Techweek 2024 v4.1.pptx

Symbio Agency Ltd

8 Questions B2B Commercial Teams Can Ask To Help Product Discovery

8 Questions B2B Commercial Teams Can Ask To Help Product Discovery

8 Questions B2B Commercial Teams Can Ask To Help Product Discovery

Cree_Rey_BrandIdentityKit.PDF_PersonalBd

Cree_Rey_BrandIdentityKit.PDF_PersonalBd

Cree_Rey_BrandIdentityKit.PDF_PersonalBd

April 2024 Nostalgia Products Newsletter

April 2024 Nostalgia Products Newsletter

April 2024 Nostalgia Products Newsletter

NathanBaughman3

Taurus Zodiac Sign_ Personality Traits and Sign Dates.pptx

Taurus Zodiac Sign_ Personality Traits and Sign Dates.pptx

Taurus Zodiac Sign_ Personality Traits and Sign Dates.pptx

Marvin neemt je in deze presentatie mee in de voordelen van non-endemic advertising op retail media netwerken. Hij brengt ook de uitdagingen in beeld die de markt op dit moment heeft op het gebied van retail media voor niet-leveranciers. Retail media wordt gezien als het nieuwe advertising-medium en ook mediabureaus richten massaal retail media-afdelingen op. Merken die niet in de betreffende winkel liggen staan ook nog niet in de rij om op de retail media netwerken te adverteren. Marvin belicht de uitdagingen die er zijn om echt aansluiting te vinden op die markt van non-endemic advertising.

RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...

RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...

RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...

Textile Olympiad 𝟯.𝟬 Supported by The Business Standard and Textile Today: 𝗔𝗻 𝗜𝗻𝘁𝗲𝗿 𝗨𝗻𝗶𝘃𝗲𝗿𝘀𝗶𝘁𝘆 Business 𝗖𝗮𝘀𝗲 𝗖𝗼𝗺𝗽𝗲𝘁𝗶𝘁𝗶𝗼𝗻 where university undergraduates get to showcase their brilliance. Dive deep into real-world textile industry challenges, analyze intricate scenarios, and craft innovative solutions.

Team-Spandex-Northern University-CS1035.

Team-Spandex-Northern University-CS1035.

Team-Spandex-Northern University-CS1035.

Global Interconnection Group Joint Venture[960] (1).pdf

Global Interconnection Group Joint Venture[960] (1).pdf

Global Interconnection Group Joint Venture[960] (1).pdf

How to Maintain Healthy Life style.pptx

How to Maintain Healthy Life style.pptx

How to Maintain Healthy Life style.pptx

Discover how Max Life Insurance revolutionized its hiring process with PMaps Job-Fit Assessments. This case study highlights how high scorers sold 2.1 times more policies, tackling performance issues effectively. With a 70% accuracy in predicting high achievers, PMaps' assessments streamlined recruitment, integrating seamlessly with HRMS for efficient data management. Max Life's success story showcases the power of PMaps in transforming talent acquisition and boosting sales performance. Download now to learn more! Follow us for more case study: https://www.pmapstest.com/case-study

Transforming Max Life Insurance with PMaps Job-Fit Assessments- Case Study

Transforming Max Life Insurance with PMaps Job-Fit Assessments- Case Study

Transforming Max Life Insurance with PMaps Job-Fit Assessments- Case Study

PMaps Assessments

sales plan presentation by mckinsey alum

sales plan presentation by mckinsey alum

sales plan presentation by mckinsey alum

Grote partijen zijn al een tijdje onderweg met retail media. Ondertussen worden in dit domein ook de kansen zichtbaar voor andere spelers in de markt. Maar met die kansen ontstaan ook vragen: Zelf retail media worden of erop adverteren? In welke fase van de funnel past het en hoe integreer je het in een mediaplan? Wat is nu precies het verschil met marketplaces en Programmatic ads? In dit half uur beslechten we de dilemma's en krijg je antwoorden op wanneer het voor jou tijd is om de volgende stap te zetten.

RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...

RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...

RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...

Unlock Your TikTok Potential: Free TikTok Likes with InstBlast

Unlock Your TikTok Potential: Free TikTok Likes with InstBlast

Unlock Your TikTok Potential: Free TikTok Likes with InstBlast

InstBlast Marketing

Recently uploaded (20)

Cracking the Workplace Discipline Code Main.pptx

Cracking the Workplace Discipline Code Main.pptx

Cracking the Workplace Discipline Code Main.pptx

Special Purpose Vehicle (Purpose, Formation & examples)

Special Purpose Vehicle (Purpose, Formation & examples)

Special Purpose Vehicle (Purpose, Formation & examples)

Business Valuation Principles for Entrepreneurs

Business Valuation Principles for Entrepreneurs

Business Valuation Principles for Entrepreneurs

anas about venice for grade 6f about venice

anas about venice for grade 6f about venice

anas about venice for grade 6f about venice

India’s Recommended Women Surgeons to Watch in 2024.pdf

India’s Recommended Women Surgeons to Watch in 2024.pdf

India’s Recommended Women Surgeons to Watch in 2024.pdf

USA classified ads posting – best classified sites in usa.pdf

USA classified ads posting – best classified sites in usa.pdf

USA classified ads posting – best classified sites in usa.pdf

Evolution and Growth of Supply chain.pdf

Evolution and Growth of Supply chain.pdf

Evolution and Growth of Supply chain.pdf

LinkedIn Masterclass Techweek 2024 v4.1.pptx

LinkedIn Masterclass Techweek 2024 v4.1.pptx

LinkedIn Masterclass Techweek 2024 v4.1.pptx

8 Questions B2B Commercial Teams Can Ask To Help Product Discovery

8 Questions B2B Commercial Teams Can Ask To Help Product Discovery

8 Questions B2B Commercial Teams Can Ask To Help Product Discovery

Cree_Rey_BrandIdentityKit.PDF_PersonalBd

Cree_Rey_BrandIdentityKit.PDF_PersonalBd

Cree_Rey_BrandIdentityKit.PDF_PersonalBd

April 2024 Nostalgia Products Newsletter

April 2024 Nostalgia Products Newsletter

April 2024 Nostalgia Products Newsletter

Taurus Zodiac Sign_ Personality Traits and Sign Dates.pptx

Taurus Zodiac Sign_ Personality Traits and Sign Dates.pptx

Taurus Zodiac Sign_ Personality Traits and Sign Dates.pptx

RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...

RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...

RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...

Team-Spandex-Northern University-CS1035.

Team-Spandex-Northern University-CS1035.

Team-Spandex-Northern University-CS1035.

Global Interconnection Group Joint Venture[960] (1).pdf

Global Interconnection Group Joint Venture[960] (1).pdf

Global Interconnection Group Joint Venture[960] (1).pdf

How to Maintain Healthy Life style.pptx

How to Maintain Healthy Life style.pptx

How to Maintain Healthy Life style.pptx

Transforming Max Life Insurance with PMaps Job-Fit Assessments- Case Study

Transforming Max Life Insurance with PMaps Job-Fit Assessments- Case Study

Transforming Max Life Insurance with PMaps Job-Fit Assessments- Case Study

sales plan presentation by mckinsey alum

sales plan presentation by mckinsey alum

sales plan presentation by mckinsey alum

RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...

RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...

RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...

Unlock Your TikTok Potential: Free TikTok Likes with InstBlast

Unlock Your TikTok Potential: Free TikTok Likes with InstBlast

Unlock Your TikTok Potential: Free TikTok Likes with InstBlast

Sebastian Porst - Reverse-Engineering Flash Files with SWFRETools

1. Reverse-Engineering Flash Files with SWFRETools Sebastian Porst (sp@porst.tv) – SOURCE Boston 2011

3. Current Work 3

4. What this talk is about Ship it! 4

5. What this talk is not about 5

6. Why is this relevant? 6

7. SWF Files: An Overview Header Tag 1 Tag 2 Tag 3 Tag 4 … Tag n 7

8. SWF Files: Interesting Aspects 8

9. Existing Tools SWFTools Flash Dump Decompiler swfmill Sothink SWF Decompiler 9

10. Problems with existing tools SWFTools Flash Dump Decompiler Crashes Old Limited Wrong tool swfmill Sothink SWF Decompiler 10

11. Introducing SWFRETools 11

13. Architecture 13

14. Tool I: The Parser 14

15. Parser Goals 15

16. Workflow Intermezzo I 16

17. Tool 2: Flash Dissector 17

18. Flash Dissector Goals 18

19. Flash Dissector Demo 19

20. Weaknesses of Flash Dissector 20

21. Flash Dissector Future 21

22. Workflow Intermezzo II 22

23. Static analysis vs Dynamic analysis 23

24. Detour: Flash Player Debugger 24

25. Detour: Flash Player Debugger 25

26. Tool III: Tracer/Debugger 26

27. Tracer Implementation 27

28. Last week in China 28

29. Last week in China 29

30. Tracer Plans 30

31. Workflow Intermezzo III 31

32. Minimizing sample files 32

33. Minimizing files without templates 33

34. Do not forget RETURN 34 Function A Function B Crash here

35. Tool IV: Minimizer 35

36. Automated minimizing 36

37. Minimizer Goals 37

38. Off to GitHub we go! Shipped! https://github.com/sporst 38

39. Call for participation 39

41. Thank you! 41 ?

42. Let me help … 42

43. Image Credits http://www.flickr.com/photos/markchadwick/4592186576/ 43

Editor's Notes

http://www.flickr.com/photos/markchadwick/4592186576/
http://www.flickr.com/photos/markchadwick/4592186576/