SlideShare a Scribd company logo

The Postmodern Binary Analysis

O
Onur Alanbel

NOPcon 2016

Internet
1 of 54
Download to read offline
THE POSTMODERN BINARY ANALYSIS Onur ALANBEL
$ id -un ➤ Computer Engineer (IZTECH) ➤ Developer @TaintAll (taintall.com) ➤ AppSec Researcher ➤ Blog: onuralanbel.pro ➤ @onuralanbel ➤ https://packetstormsecurity.com/search/?q=onur+alanbel
AGENDA ➤ Dynamic Binary Instrumentation ➤ Taint Analysis ➤ Constraint Solving With Z3 ➤ Symbolic/Concolic Execution
DYNAMIC BINARY INSTRUMENTATION ➤ Inject instrumentation code into a running binary.
DYNAMIC BINARY INSTRUMENTATION ➤ Inject instrumentation code into a running binary. ➤ Instrumentation code executes as normal instructions.
DYNAMIC BINARY INSTRUMENTATION ➤ Inject instrumentation code into a running binary. ➤ Instrumentation code executes as normal instructions. ➤ Instrumentation is transparent to the application.
DBI FRAMEWORKS ➤ Intel PIN Framework ➤ Win, Lin, OS X ➤ No IL
DBI FRAMEWORKS ➤ Intel PIN Framework ➤ Win, Lin, OS X ➤ No IL ➤ Valgrind ➤ Lin, OS X ➤ IL
DBI FRAMEWORKS ➤ Intel PIN Framework ➤ Win, Lin, OS X ➤ No IL ➤ Valgrind ➤ Lin, OS X ➤ IL ➤ DynamoRIO ➤ Win, Lin, Android ➤ No IL
DBI FRAMEWORKS ➤ Intel PIN Framework ➤ Win, Lin, OS X ➤ No IL ➤ Valgrind ➤ Lin, OS X ➤ IL ➤ DynamoRIO ➤ Win, Lin, Android ➤ No IL ➤ May be others like ➤ PEMU ➤ …
INSTRUCTION COUNTING
SIMPLE SIDE CHANNEL ATTACK
CAN WE DO BETTER? ➤ Use snapshots instead of Re-run
CAN WE DO BETTER? ➤ Use snapshots instead of Re-run ➤ Use multi-threading
CAN WE DO BETTER? ➤ Use snapshots instead of Re-run ➤ Use multi-threading ➤ What about doing something smarter?
TAINT ANALYSIS ➤ Which parts of the code can be controlled or affected by tainted data (usually user input)
TAINT ANALYSIS ➤ Which parts of the code can be controlled or affected by tainted data (usually user input)
TAINT ANALYSIS taint RAX
TAINT ANALYSIS taint RAX mov RCX, RAX
TAINT ANALYSIS taint RAX mov RCX, RAX push RCX
TAINT ANALYSIS taint RAX mov RCX, RAX push RCX ……. mov RCX, ptr [0x1234]
TAINT ANALYSIS taint RAX mov RCX, RAX push RCX ……. mov RCX, ptr [0x1234] pop RBX
TAINT ANALYSIS taint RAX mov RCX, RAX push RCX ……. mov RCX, ptr [0x1234] pop RBX stop tainting
TAINT ANALYSIS taint RAX mov RCX, RAX push RCX ……. mov RCX, ptr [0x1234] pop RBX stop tainting Which are the tainted regs?
TAINT ANALYSIS taint RAX mov RCX, RAX push RCX ……. mov RCX, ptr [0x1234] pop RBX stop tainting Which are the tainted regs? Which are the tainted mems?
TAINT ANALYSIS taint RAX mov RCX, RAX push RCX ……. mov RCX, ptr [0x1234] pop RBX stop tainting Which are the tainted regs? Which are the tainted mems? RAX, RBX and 8 addresses
 from the stack
TAINT ANALYSIS taint RAX mov AL, 0x1
TAINT ANALYSIS taint RAX mov AL, 0x1 mov ECX, EAX
TAINT ANALYSIS taint RAX mov AL, 0x1 mov ECX, EAX cmp ECX, EBX
TAINT ANALYSIS taint RAX mov AL, 0x1 mov ECX, EAX cmp ECX, EBX jz 0x4321
TAINT ANALYSIS taint RAX mov AL, 0x1 mov ECX, EAX cmp ECX, EBX jz 0x4321 Can we control this branch?
TAINT ANALYSIS taint RAX mov AL, 0x1 mov ECX, EAX cmp CL, BL jz 0x4321 What about this one?
TAINT ANALYSIS taint RAX mov AL, 0x1 mov ECX, EAX cmp CL, BL jz 0x4321 What about this one? taint RCX xor RCX, RDX
TAINT ANALYSIS taint RAX mov AL, 0x1 mov ECX, EAX cmp CL, BL jz 0x4321 What about this one? taint RCX xor RCX, RDX add RAX, RCX
TAINT ANALYSIS taint RAX mov AL, 0x1 mov ECX, EAX cmp CL, BL jz 0x4321 What about this one? taint RCX xor RCX, RDX add RAX, RCX Should RAX be tainted?
TAINT ANALYSIS taint RAX mov AL, 0x1 mov ECX, EAX cmp CL, BL jz 0x4321 What about this one? taint RCX xor RCX, RCX mov RAX, RCX Now, should be ?
TAINT ANALYSIS ➤ With the help of PIN’s Inspection API (TaintAll)
TAINT ANALYSIS ➤ With the help of PIN’s Inspection API (TaintAll) ➤ With the help of Symbolic Execution (Triton Framework)
TAINT ANALYSIS ➤ With the help of PIN’s Inspection API (TaintAll) ➤ With the help of Symbolic Execution (Triton Framework) ➤ Using an Intermediate Language (TaintGrind)
TAINT ANALYSIS WITH TRITON Triton/src/examples/pin/ runtime_memory_tainting.py with a little modification
TAINT ANALYSIS WITH TRITON Triton/src/examples/pin/ runtime_memory_tainting.py with a little modification
A LITTLE BIT OF Z3 ➤ “Z3 is a state-of-the art theorem prover from Microsoft Research”
A LITTLE BIT OF Z3 ➤ “Z3 is a state-of-the art theorem prover from Microsoft Research” ➤ Input format is an extension of SMT-LIB 2.0 standard
A LITTLE BIT OF Z3 ➤ “Z3 is a state-of-the art theorem prover from Microsoft Research” ➤ Input format is an extension of SMT-LIB 2.0 standard
A LITTLE BIT OF Z3 ➤ “Z3 is a state-of-the art theorem prover from Microsoft Research” ➤ Input format is an extension of SMT-LIB 2.0 standard ➤ Or use Z3Py
For a real world example Search: “Reversing the petya ransomware with constraint solvers”
SYMBOLIC EXECUTION ➤ x = input()
 y = x * 5
 if x < 20:
 print “ok”
 else:
 print “nope”
SYMBOLIC EXECUTION ➤ x = input()
 y = x * 5
 if x < 20:
 print “ok”
 else:
 print “nope” y=sym_x*5 sym_x x < 20 ok nope
CONCRETE EXECUTION ➤ x = input()
 y = x * 5
 if x < 20:
 print “ok”
 else:
 print “nope” y=sym_x*5 sym_x x < 20 ok nope
CONCOLIC EXECUTION ➤ x = input()
 y = x * 5
 if x < 20:
 print “ok”
 else:
 print “nope” y=sym_x*5 sym_x x < 20 ok nope
OPEN SOURCE DBA FRAMEWORKS/TOOLS ➤ Triton ➤ Angr ➤ BitBlaze TEMU ➤ Valgrind Tools ➤ PIN Tools
REFERENCES ➤ http://uninformed.org/index.cgi?v=7&a=1&p=3 ➤ https://software.intel.com/sites/landingpage/pintool/docs/ 76991/Pin/html/ ➤ http://smtlib.cs.uiowa.edu/solvers.shtml

Recommended

Hacking the Gateways
Hacking the GatewaysHacking the Gateways
Hacking the GatewaysOnur Alanbel
 
Can We Prevent Use-after-free Attacks?
Can We Prevent Use-after-free Attacks?Can We Prevent Use-after-free Attacks?
Can We Prevent Use-after-free Attacks?inaz2
 
Raptor web application firewall
Raptor web application firewallRaptor web application firewall
Raptor web application firewallAntonio Costa aka Cooler_
 
Ricardo J. Rodríguez & Daniel Uroz - When ROP meets Turing: Automatic Generat...
Ricardo J. Rodríguez & Daniel Uroz - When ROP meets Turing: Automatic Generat...Ricardo J. Rodríguez & Daniel Uroz - When ROP meets Turing: Automatic Generat...
Ricardo J. Rodríguez & Daniel Uroz - When ROP meets Turing: Automatic Generat...RootedCON
 
0d1n
0d1n0d1n
0d1nAntonio Costa aka Cooler_
 
NSC #2 - Challenge Solution
NSC #2 - Challenge SolutionNSC #2 - Challenge Solution
NSC #2 - Challenge SolutionNoSuchCon
 
Zero bugs found? Hold my beer AFL! how to improve coverage-guided fuzzing and...
Zero bugs found? Hold my beer AFL! how to improve coverage-guided fuzzing and...Zero bugs found? Hold my beer AFL! how to improve coverage-guided fuzzing and...
Zero bugs found? Hold my beer AFL! how to improve coverage-guided fuzzing and...Maksim Shudrak
 
Sheila Ayelen Berta - The Art of Persistence: "Mr. Windows… I don’t wanna go ...
Sheila Ayelen Berta - The Art of Persistence: "Mr. Windows… I don’t wanna go ...Sheila Ayelen Berta - The Art of Persistence: "Mr. Windows… I don’t wanna go ...
Sheila Ayelen Berta - The Art of Persistence: "Mr. Windows… I don’t wanna go ...RootedCON
 

Recommended

Hacking the Gateways
Hacking the GatewaysHacking the Gateways
Hacking the GatewaysOnur Alanbel
 
Can We Prevent Use-after-free Attacks?
Can We Prevent Use-after-free Attacks?Can We Prevent Use-after-free Attacks?
Can We Prevent Use-after-free Attacks?inaz2
 
Raptor web application firewall
Raptor web application firewallRaptor web application firewall
Raptor web application firewallAntonio Costa aka Cooler_
 
Ricardo J. Rodríguez & Daniel Uroz - When ROP meets Turing: Automatic Generat...
Ricardo J. Rodríguez & Daniel Uroz - When ROP meets Turing: Automatic Generat...Ricardo J. Rodríguez & Daniel Uroz - When ROP meets Turing: Automatic Generat...
Ricardo J. Rodríguez & Daniel Uroz - When ROP meets Turing: Automatic Generat...RootedCON
 
0d1n
0d1n0d1n
0d1nAntonio Costa aka Cooler_
 
NSC #2 - Challenge Solution
NSC #2 - Challenge SolutionNSC #2 - Challenge Solution
NSC #2 - Challenge SolutionNoSuchCon
 
Zero bugs found? Hold my beer AFL! how to improve coverage-guided fuzzing and...
Zero bugs found? Hold my beer AFL! how to improve coverage-guided fuzzing and...Zero bugs found? Hold my beer AFL! how to improve coverage-guided fuzzing and...
Zero bugs found? Hold my beer AFL! how to improve coverage-guided fuzzing and...Maksim Shudrak
 
Sheila Ayelen Berta - The Art of Persistence: "Mr. Windows… I don’t wanna go ...
Sheila Ayelen Berta - The Art of Persistence: "Mr. Windows… I don’t wanna go ...Sheila Ayelen Berta - The Art of Persistence: "Mr. Windows… I don’t wanna go ...
Sheila Ayelen Berta - The Art of Persistence: "Mr. Windows… I don’t wanna go ...RootedCON
 
Fuzzing malware for fun & profit. Applying Coverage-Guided Fuzzing to Find Bu...
Fuzzing malware for fun & profit. Applying Coverage-Guided Fuzzing to Find Bu...Fuzzing malware for fun & profit. Applying Coverage-Guided Fuzzing to Find Bu...
Fuzzing malware for fun & profit. Applying Coverage-Guided Fuzzing to Find Bu...Maksim Shudrak
 
Stealth post-exploitation with phpsploit
Stealth post-exploitation with phpsploitStealth post-exploitation with phpsploit
Stealth post-exploitation with phpsploitNullbyte Security Conference
 
Chromium Sandbox on Linux (NDC Security 2019)
Chromium Sandbox on Linux (NDC Security 2019)Chromium Sandbox on Linux (NDC Security 2019)
Chromium Sandbox on Linux (NDC Security 2019)Patricia Aas
 
Chromium Sandbox on Linux (BlackHoodie 2018)
Chromium Sandbox on Linux (BlackHoodie 2018)Chromium Sandbox on Linux (BlackHoodie 2018)
Chromium Sandbox on Linux (BlackHoodie 2018)Patricia Aas
 
Hacking with Backtrack Lecture-3
Hacking with Backtrack Lecture-3Hacking with Backtrack Lecture-3
Hacking with Backtrack Lecture-3Zia Ush Shamszaman
 
44CON London 2015 - Is there an EFI monster inside your apple?
44CON London 2015 - Is there an EFI monster inside your apple?44CON London 2015 - Is there an EFI monster inside your apple?
44CON London 2015 - Is there an EFI monster inside your apple?44CON
 
Linux Security APIs and the Chromium Sandbox
Linux Security APIs and the Chromium SandboxLinux Security APIs and the Chromium Sandbox
Linux Security APIs and the Chromium SandboxPatricia Aas
 
44CON 2014 - Breaking AV Software
44CON 2014 - Breaking AV Software44CON 2014 - Breaking AV Software
44CON 2014 - Breaking AV Software44CON
 
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis44CON
 
Hacking routers as Web Hacker
Hacking routers as Web HackerHacking routers as Web Hacker
Hacking routers as Web HackerHeadLightSecurity
 
WAF protections and bypass resources
WAF protections and bypass resourcesWAF protections and bypass resources
WAF protections and bypass resourcesAntonio Costa aka Cooler_
 
Introduction to VeriFast @ Kyoto
Introduction to VeriFast @ KyotoIntroduction to VeriFast @ Kyoto
Introduction to VeriFast @ KyotoKiwamu Okabe
 
Introduction to Memory Exploitation (CppEurope 2021)
Introduction to Memory Exploitation (CppEurope 2021)Introduction to Memory Exploitation (CppEurope 2021)
Introduction to Memory Exploitation (CppEurope 2021)Patricia Aas
 
How to Setup A Pen test Lab and How to Play CTF
How to Setup A Pen test Lab and How to Play CTF How to Setup A Pen test Lab and How to Play CTF
How to Setup A Pen test Lab and How to Play CTF n|u - The Open Security Community
 
Kali Linux - Falconer
Kali Linux - FalconerKali Linux - Falconer
Kali Linux - FalconerTony Godfrey
 
Understand study
Understand studyUnderstand study
Understand studyAntonio Costa aka Cooler_
 
A Hypervisor IPS based on Hardware Assisted Virtualization Technology
A Hypervisor IPS based on Hardware Assisted Virtualization TechnologyA Hypervisor IPS based on Hardware Assisted Virtualization Technology
A Hypervisor IPS based on Hardware Assisted Virtualization TechnologyFFRI, Inc.
 
Thunderbolts and Lightning: Very Very Frightening
Thunderbolts and Lightning: Very Very FrighteningThunderbolts and Lightning: Very Very Frightening
Thunderbolts and Lightning: Very Very Frighteningblowmenowpls
 
Fuzzing underestimated method of finding hidden bugs
Fuzzing underestimated method of finding hidden bugsFuzzing underestimated method of finding hidden bugs
Fuzzing underestimated method of finding hidden bugsPawel Rzepa
 
Talk NullByteCon 2015
Talk NullByteCon 2015Talk NullByteCon 2015
Talk NullByteCon 2015Roberto Soares
 
DEFCON 23 - Ian Latter - remote access the apt
DEFCON 23 - Ian Latter - remote access the aptDEFCON 23 - Ian Latter - remote access the apt
DEFCON 23 - Ian Latter - remote access the aptFelipe Prado
 
What the Fax!?
What the Fax!?What the Fax!?
What the Fax!?Priyanka Aash
 

More Related Content

What's hot

Fuzzing malware for fun & profit. Applying Coverage-Guided Fuzzing to Find Bu...
Fuzzing malware for fun & profit. Applying Coverage-Guided Fuzzing to Find Bu...Fuzzing malware for fun & profit. Applying Coverage-Guided Fuzzing to Find Bu...
Fuzzing malware for fun & profit. Applying Coverage-Guided Fuzzing to Find Bu...Maksim Shudrak
 
Chromium Sandbox on Linux (NDC Security 2019)
Chromium Sandbox on Linux (NDC Security 2019)Chromium Sandbox on Linux (NDC Security 2019)
Chromium Sandbox on Linux (NDC Security 2019)Patricia Aas
 
Chromium Sandbox on Linux (BlackHoodie 2018)
Chromium Sandbox on Linux (BlackHoodie 2018)Chromium Sandbox on Linux (BlackHoodie 2018)
Chromium Sandbox on Linux (BlackHoodie 2018)Patricia Aas
 
Hacking with Backtrack Lecture-3
Hacking with Backtrack Lecture-3Hacking with Backtrack Lecture-3
Hacking with Backtrack Lecture-3Zia Ush Shamszaman
 
44CON London 2015 - Is there an EFI monster inside your apple?
44CON London 2015 - Is there an EFI monster inside your apple?44CON London 2015 - Is there an EFI monster inside your apple?
44CON London 2015 - Is there an EFI monster inside your apple?44CON
 
Linux Security APIs and the Chromium Sandbox
Linux Security APIs and the Chromium SandboxLinux Security APIs and the Chromium Sandbox
Linux Security APIs and the Chromium SandboxPatricia Aas
 
44CON 2014 - Breaking AV Software
44CON 2014 - Breaking AV Software44CON 2014 - Breaking AV Software
44CON 2014 - Breaking AV Software44CON
 
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis44CON
 
Hacking routers as Web Hacker
Hacking routers as Web HackerHacking routers as Web Hacker
Hacking routers as Web HackerHeadLightSecurity
 
Introduction to VeriFast @ Kyoto
Introduction to VeriFast @ KyotoIntroduction to VeriFast @ Kyoto
Introduction to VeriFast @ KyotoKiwamu Okabe
 
Introduction to Memory Exploitation (CppEurope 2021)
Introduction to Memory Exploitation (CppEurope 2021)Introduction to Memory Exploitation (CppEurope 2021)
Introduction to Memory Exploitation (CppEurope 2021)Patricia Aas
 
Kali Linux - Falconer
Kali Linux - FalconerKali Linux - Falconer
Kali Linux - FalconerTony Godfrey
 
A Hypervisor IPS based on Hardware Assisted Virtualization Technology
A Hypervisor IPS based on Hardware Assisted Virtualization TechnologyA Hypervisor IPS based on Hardware Assisted Virtualization Technology
A Hypervisor IPS based on Hardware Assisted Virtualization TechnologyFFRI, Inc.
 
Thunderbolts and Lightning: Very Very Frightening
Thunderbolts and Lightning: Very Very FrighteningThunderbolts and Lightning: Very Very Frightening
Thunderbolts and Lightning: Very Very Frighteningblowmenowpls
 
Fuzzing underestimated method of finding hidden bugs
Fuzzing underestimated method of finding hidden bugsFuzzing underestimated method of finding hidden bugs
Fuzzing underestimated method of finding hidden bugsPawel Rzepa
 

What's hot (20)

Fuzzing malware for fun & profit. Applying Coverage-Guided Fuzzing to Find Bu...
Fuzzing malware for fun & profit. Applying Coverage-Guided Fuzzing to Find Bu...Fuzzing malware for fun & profit. Applying Coverage-Guided Fuzzing to Find Bu...
Fuzzing malware for fun & profit. Applying Coverage-Guided Fuzzing to Find Bu...
 
Stealth post-exploitation with phpsploit
Stealth post-exploitation with phpsploitStealth post-exploitation with phpsploit
Stealth post-exploitation with phpsploit
 
Chromium Sandbox on Linux (NDC Security 2019)
Chromium Sandbox on Linux (NDC Security 2019)Chromium Sandbox on Linux (NDC Security 2019)
Chromium Sandbox on Linux (NDC Security 2019)
 
Chromium Sandbox on Linux (BlackHoodie 2018)
Chromium Sandbox on Linux (BlackHoodie 2018)Chromium Sandbox on Linux (BlackHoodie 2018)
Chromium Sandbox on Linux (BlackHoodie 2018)
 
Hacking with Backtrack Lecture-3
Hacking with Backtrack Lecture-3Hacking with Backtrack Lecture-3
Hacking with Backtrack Lecture-3
 
44CON London 2015 - Is there an EFI monster inside your apple?
44CON London 2015 - Is there an EFI monster inside your apple?44CON London 2015 - Is there an EFI monster inside your apple?
44CON London 2015 - Is there an EFI monster inside your apple?
 
Linux Security APIs and the Chromium Sandbox
Linux Security APIs and the Chromium SandboxLinux Security APIs and the Chromium Sandbox
Linux Security APIs and the Chromium Sandbox
 
44CON 2014 - Breaking AV Software
44CON 2014 - Breaking AV Software44CON 2014 - Breaking AV Software
44CON 2014 - Breaking AV Software
 
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
 
Hacking routers as Web Hacker
Hacking routers as Web HackerHacking routers as Web Hacker
Hacking routers as Web Hacker
 
WAF protections and bypass resources
WAF protections and bypass resourcesWAF protections and bypass resources
WAF protections and bypass resources
 
Introduction to VeriFast @ Kyoto
Introduction to VeriFast @ KyotoIntroduction to VeriFast @ Kyoto
Introduction to VeriFast @ Kyoto
 
Introduction to Memory Exploitation (CppEurope 2021)
Introduction to Memory Exploitation (CppEurope 2021)Introduction to Memory Exploitation (CppEurope 2021)
Introduction to Memory Exploitation (CppEurope 2021)
 
How to Setup A Pen test Lab and How to Play CTF
How to Setup A Pen test Lab and How to Play CTF How to Setup A Pen test Lab and How to Play CTF
How to Setup A Pen test Lab and How to Play CTF
 
Kali Linux - Falconer
Kali Linux - FalconerKali Linux - Falconer
Kali Linux - Falconer
 
Understand study
Understand studyUnderstand study
Understand study
 
A Hypervisor IPS based on Hardware Assisted Virtualization Technology
A Hypervisor IPS based on Hardware Assisted Virtualization TechnologyA Hypervisor IPS based on Hardware Assisted Virtualization Technology
A Hypervisor IPS based on Hardware Assisted Virtualization Technology
 
Thunderbolts and Lightning: Very Very Frightening
Thunderbolts and Lightning: Very Very FrighteningThunderbolts and Lightning: Very Very Frightening
Thunderbolts and Lightning: Very Very Frightening
 
Fuzzing underestimated method of finding hidden bugs
Fuzzing underestimated method of finding hidden bugsFuzzing underestimated method of finding hidden bugs
Fuzzing underestimated method of finding hidden bugs
 
Talk NullByteCon 2015
Talk NullByteCon 2015Talk NullByteCon 2015
Talk NullByteCon 2015
 

Similar to The Postmodern Binary Analysis

DEFCON 23 - Ian Latter - remote access the apt
DEFCON 23 - Ian Latter - remote access the aptDEFCON 23 - Ian Latter - remote access the apt
DEFCON 23 - Ian Latter - remote access the aptFelipe Prado
 
Using Static Binary Analysis To Find Vulnerabilities And Backdoors in Firmware
Using Static Binary Analysis To Find Vulnerabilities And Backdoors in FirmwareUsing Static Binary Analysis To Find Vulnerabilities And Backdoors in Firmware
Using Static Binary Analysis To Find Vulnerabilities And Backdoors in FirmwareLastline, Inc.
 
Python intro01classes in_navi_mumbai
Python intro01classes in_navi_mumbaiPython intro01classes in_navi_mumbai
Python intro01classes in_navi_mumbaivibrantuser
 
Language Integrated Query - LINQ
Language Integrated Query - LINQLanguage Integrated Query - LINQ
Language Integrated Query - LINQDoncho Minkov
 
Project “The Interceptor”: Owning anti-drone systems with nanodrones
Project “The Interceptor”: Owning anti-drone systems with nanodronesProject “The Interceptor”: Owning anti-drone systems with nanodrones
Project “The Interceptor”: Owning anti-drone systems with nanodronesPriyanka Aash
 
RTOS application verified by VeriFast, and future plan
RTOS application verified by VeriFast, and future planRTOS application verified by VeriFast, and future plan
RTOS application verified by VeriFast, and future planKiwamu Okabe
 
ATS Programming Tutorial
ATS Programming TutorialATS Programming Tutorial
ATS Programming TutorialKiwamu Okabe
 
DAIS19: On the Performance of ARM TrustZone
DAIS19: On the Performance of ARM TrustZoneDAIS19: On the Performance of ARM TrustZone
DAIS19: On the Performance of ARM TrustZoneLEGATO project
 
Building Reliable Cloud Storage with Riak and CloudStack - Andy Gross, Chief ...
Building Reliable Cloud Storage with Riak and CloudStack - Andy Gross, Chief ...Building Reliable Cloud Storage with Riak and CloudStack - Andy Gross, Chief ...
Building Reliable Cloud Storage with Riak and CloudStack - Andy Gross, Chief ...buildacloud
 
Writing High-Performance Software by Arvid Norberg
Writing High-Performance Software by Arvid NorbergWriting High-Performance Software by Arvid Norberg
Writing High-Performance Software by Arvid Norbergbittorrentinc
 
[CB17] Trueseeing: Effective Dataflow Analysis over Dalvik Opcodes
[CB17] Trueseeing: Effective Dataflow Analysis over Dalvik Opcodes[CB17] Trueseeing: Effective Dataflow Analysis over Dalvik Opcodes
[CB17] Trueseeing: Effective Dataflow Analysis over Dalvik OpcodesCODE BLUE
 
Bypassing Secure Boot using Fault Injection
Bypassing Secure Boot using Fault InjectionBypassing Secure Boot using Fault Injection
Bypassing Secure Boot using Fault InjectionRiscure
 
Building Search for Bitbucket Cloud
Building Search for Bitbucket CloudBuilding Search for Bitbucket Cloud
Building Search for Bitbucket CloudAtlassian
 
RING 0/-2 ROOKITS : COMPROMISING DEFENSES
RING 0/-2 ROOKITS : COMPROMISING DEFENSES RING 0/-2 ROOKITS : COMPROMISING DEFENSES
RING 0/-2 ROOKITS : COMPROMISING DEFENSESPriyanka Aash
 
Inria Tech Talk : RIOT, l'OS libre pour vos objets connectés #IoT
Inria Tech Talk : RIOT, l'OS libre pour vos objets connectés #IoTInria Tech Talk : RIOT, l'OS libre pour vos objets connectés #IoT
Inria Tech Talk : RIOT, l'OS libre pour vos objets connectés #IoTStéphanie Roger
 
Asterisk security with kingasterisk
Asterisk security with kingasteriskAsterisk security with kingasterisk
Asterisk security with kingasteriskKing Asterisk
 
Microservices and Teraflops: Effortlessly Scaling Data Science with PyWren wi...
Microservices and Teraflops: Effortlessly Scaling Data Science with PyWren wi...Microservices and Teraflops: Effortlessly Scaling Data Science with PyWren wi...
Microservices and Teraflops: Effortlessly Scaling Data Science with PyWren wi...Databricks
 
Finding Xori: Malware Analysis Triage with Automated Disassembly
Finding Xori: Malware Analysis Triage with Automated DisassemblyFinding Xori: Malware Analysis Triage with Automated Disassembly
Finding Xori: Malware Analysis Triage with Automated DisassemblyPriyanka Aash
 

Similar to The Postmodern Binary Analysis (20)

DEFCON 23 - Ian Latter - remote access the apt
DEFCON 23 - Ian Latter - remote access the aptDEFCON 23 - Ian Latter - remote access the apt
DEFCON 23 - Ian Latter - remote access the apt
 
What the Fax!?
What the Fax!?What the Fax!?
What the Fax!?
 
Using Static Binary Analysis To Find Vulnerabilities And Backdoors in Firmware
Using Static Binary Analysis To Find Vulnerabilities And Backdoors in FirmwareUsing Static Binary Analysis To Find Vulnerabilities And Backdoors in Firmware
Using Static Binary Analysis To Find Vulnerabilities And Backdoors in Firmware
 
Python intro01classes in_navi_mumbai
Python intro01classes in_navi_mumbaiPython intro01classes in_navi_mumbai
Python intro01classes in_navi_mumbai
 
Language Integrated Query - LINQ
Language Integrated Query - LINQLanguage Integrated Query - LINQ
Language Integrated Query - LINQ
 
Project “The Interceptor”: Owning anti-drone systems with nanodrones
Project “The Interceptor”: Owning anti-drone systems with nanodronesProject “The Interceptor”: Owning anti-drone systems with nanodrones
Project “The Interceptor”: Owning anti-drone systems with nanodrones
 
RTOS application verified by VeriFast, and future plan
RTOS application verified by VeriFast, and future planRTOS application verified by VeriFast, and future plan
RTOS application verified by VeriFast, and future plan
 
ATS Programming Tutorial
ATS Programming TutorialATS Programming Tutorial
ATS Programming Tutorial
 
DAIS19: On the Performance of ARM TrustZone
DAIS19: On the Performance of ARM TrustZoneDAIS19: On the Performance of ARM TrustZone
DAIS19: On the Performance of ARM TrustZone
 
Violent python
Violent pythonViolent python
Violent python
 
Building Reliable Cloud Storage with Riak and CloudStack - Andy Gross, Chief ...
Building Reliable Cloud Storage with Riak and CloudStack - Andy Gross, Chief ...Building Reliable Cloud Storage with Riak and CloudStack - Andy Gross, Chief ...
Building Reliable Cloud Storage with Riak and CloudStack - Andy Gross, Chief ...
 
Writing High-Performance Software by Arvid Norberg
Writing High-Performance Software by Arvid NorbergWriting High-Performance Software by Arvid Norberg
Writing High-Performance Software by Arvid Norberg
 
[CB17] Trueseeing: Effective Dataflow Analysis over Dalvik Opcodes
[CB17] Trueseeing: Effective Dataflow Analysis over Dalvik Opcodes[CB17] Trueseeing: Effective Dataflow Analysis over Dalvik Opcodes
[CB17] Trueseeing: Effective Dataflow Analysis over Dalvik Opcodes
 
Bypassing Secure Boot using Fault Injection
Bypassing Secure Boot using Fault InjectionBypassing Secure Boot using Fault Injection
Bypassing Secure Boot using Fault Injection
 
Building Search for Bitbucket Cloud
Building Search for Bitbucket CloudBuilding Search for Bitbucket Cloud
Building Search for Bitbucket Cloud
 
RING 0/-2 ROOKITS : COMPROMISING DEFENSES
RING 0/-2 ROOKITS : COMPROMISING DEFENSES RING 0/-2 ROOKITS : COMPROMISING DEFENSES
RING 0/-2 ROOKITS : COMPROMISING DEFENSES
 
Inria Tech Talk : RIOT, l'OS libre pour vos objets connectés #IoT
Inria Tech Talk : RIOT, l'OS libre pour vos objets connectés #IoTInria Tech Talk : RIOT, l'OS libre pour vos objets connectés #IoT
Inria Tech Talk : RIOT, l'OS libre pour vos objets connectés #IoT
 
Asterisk security with kingasterisk
Asterisk security with kingasteriskAsterisk security with kingasterisk
Asterisk security with kingasterisk
 
Microservices and Teraflops: Effortlessly Scaling Data Science with PyWren wi...
Microservices and Teraflops: Effortlessly Scaling Data Science with PyWren wi...Microservices and Teraflops: Effortlessly Scaling Data Science with PyWren wi...
Microservices and Teraflops: Effortlessly Scaling Data Science with PyWren wi...
 
Finding Xori: Malware Analysis Triage with Automated Disassembly
Finding Xori: Malware Analysis Triage with Automated DisassemblyFinding Xori: Malware Analysis Triage with Automated Disassembly
Finding Xori: Malware Analysis Triage with Automated Disassembly
 

More from Onur Alanbel

Başarılı Bir Siber Saldırının Perde Arkası ve Vaka Analizi
Başarılı Bir Siber Saldırının Perde Arkası ve Vaka AnaliziBaşarılı Bir Siber Saldırının Perde Arkası ve Vaka Analizi
Başarılı Bir Siber Saldırının Perde Arkası ve Vaka AnaliziOnur Alanbel
 
SOC Ekiplerinin Problemlerine Güncel Yaklaşımlar
SOC Ekiplerinin Problemlerine Güncel YaklaşımlarSOC Ekiplerinin Problemlerine Güncel Yaklaşımlar
SOC Ekiplerinin Problemlerine Güncel YaklaşımlarOnur Alanbel
 
Dünden Bugüne Exploit Dünyası
Dünden Bugüne Exploit DünyasıDünden Bugüne Exploit Dünyası
Dünden Bugüne Exploit DünyasıOnur Alanbel
 
Binary Hacking Hakkında Herşey
Binary Hacking Hakkında HerşeyBinary Hacking Hakkında Herşey
Binary Hacking Hakkında HerşeyOnur Alanbel
 
Developing MIPS Exploits to Hack Routers
Developing MIPS Exploits to Hack RoutersDeveloping MIPS Exploits to Hack Routers
Developing MIPS Exploits to Hack RoutersOnur Alanbel
 
OWASPTR Uygulama Güvenliği Günü 2013
OWASPTR Uygulama Güvenliği Günü 2013OWASPTR Uygulama Güvenliği Günü 2013
OWASPTR Uygulama Güvenliği Günü 2013Onur Alanbel
 

More from Onur Alanbel (7)

Başarılı Bir Siber Saldırının Perde Arkası ve Vaka Analizi
Başarılı Bir Siber Saldırının Perde Arkası ve Vaka AnaliziBaşarılı Bir Siber Saldırının Perde Arkası ve Vaka Analizi
Başarılı Bir Siber Saldırının Perde Arkası ve Vaka Analizi
 
SOC Ekiplerinin Problemlerine Güncel Yaklaşımlar
SOC Ekiplerinin Problemlerine Güncel YaklaşımlarSOC Ekiplerinin Problemlerine Güncel Yaklaşımlar
SOC Ekiplerinin Problemlerine Güncel Yaklaşımlar
 
Dünden Bugüne Exploit Dünyası
Dünden Bugüne Exploit DünyasıDünden Bugüne Exploit Dünyası
Dünden Bugüne Exploit Dünyası
 
Shellshock
ShellshockShellshock
Shellshock
 
Binary Hacking Hakkında Herşey
Binary Hacking Hakkında HerşeyBinary Hacking Hakkında Herşey
Binary Hacking Hakkında Herşey
 
Developing MIPS Exploits to Hack Routers
Developing MIPS Exploits to Hack RoutersDeveloping MIPS Exploits to Hack Routers
Developing MIPS Exploits to Hack Routers
 
OWASPTR Uygulama Güvenliği Günü 2013
OWASPTR Uygulama Güvenliği Günü 2013OWASPTR Uygulama Güvenliği Günü 2013
OWASPTR Uygulama Güvenliği Günü 2013
 

Recently uploaded

定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一Fs
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作ys8omjxb
 
Denver Web Design brochure for public viewing
Denver Web Design brochure for public viewingDenver Web Design brochure for public viewing
Denver Web Design brochure for public viewingbigorange77
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Paul Calvano
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Dana Luther
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Roomishabajaj13
 
Git and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMGit and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMgdsc13
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts servicevipmodelshub1
 
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Lucknow
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Roomdivyansh0kumar0
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsThierry TROUIN ☁
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一Fs
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMartaLoveguard
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 

Recently uploaded (20)

Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
 
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
 
Denver Web Design brochure for public viewing
Denver Web Design brochure for public viewingDenver Web Design brochure for public viewing
Denver Web Design brochure for public viewing
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
 
Git and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMGit and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITM
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
 
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with Flows
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptx
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 

The Postmodern Binary Analysis