this post was submitted on 06 Jun 2023

https://github.com/angr/angr uses a concolic execution engine where it can switch from running a binary concretely, break, and then define an unknown input and find what it should be to trigger a different breakpoint - e.g. what should the "password" pointer be pointing to in order to trigger the "you're in" branch of code.

Note: it still can’t reverse hashes. If you try to reverse md5 using this approach it’ll consume petabytes of RAM.

I think radare2 was looking into integrating with angr but I don’t know the status of the integration.
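A toy concolic "password finder" in the spirit of the workflow the comment above describes, added here as an illustration; it is not angr code and is not part of the original thread. The "binary" is a constructed Python function, `check_password`, standing in for a disassembled check that obfuscates each input byte before comparing it to a hard-coded table. The same function runs either on concrete bytes or on symbolic bytes (`Sym`); in the symbolic run every comparison is forced onto the accepting side, the constraints collected along that path are inverted, and a concrete re-run confirms the recovered input really reaches the "you're in" branch. A second constructed check, `check_hashed`, folds all input bytes into one digest-style value and shows the caveat about hashes: the toy solver only undoes per-byte xor/add/sub chains and gives up as soon as input bytes are mixed together. All names (`Sym`, `Constraint`, `find_input`, `try_find_input`) are hypothetical.

```python
# Added illustration (not angr, not from the thread): a toy concolic solver.
from typing import Callable, Optional

_PATH: list = []  # constraints collected along the forced path


class NotInvertible(Exception):
    """The toy solver only undoes per-byte xor/add/sub chains; anything that
    mixes input bytes together (a digest, a checksum) is out of its reach."""


class Constraint:
    """`sym == value`, recorded as something the input must satisfy."""

    def __init__(self, sym: "Sym", value: int):
        self.sym, self.value = sym, value

    def __bool__(self) -> bool:
        # Path forcing: remember the condition and report it as true so the
        # check keeps walking down its accepting ("you're in") path.
        _PATH.append(self)
        return True


class Sym:
    """Input byte `idx` pushed through a chain of (op, constant) steps."""

    def __init__(self, idx: int, ops: tuple = ()):
        self.idx, self.ops = idx, ops

    def _op(self, name: str, k) -> "Sym":
        if isinstance(k, Sym):  # two unknown bytes combined: no per-byte inverse
            raise NotInvertible(f"byte {self.idx} mixed with byte {k.idx}")
        return Sym(self.idx, self.ops + ((name, k & 0xFF),))

    def __xor__(self, k): return self._op("xor", k)
    __rxor__ = __xor__
    def __add__(self, k): return self._op("add", k)
    __radd__ = __add__
    def __sub__(self, k): return self._op("sub", k)

    def __eq__(self, other):  # a comparison yields a constraint, not a bool
        if isinstance(other, Sym):
            raise NotInvertible(f"byte {self.idx} compared with byte {other.idx}")
        return Constraint(self, other & 0xFF)


def find_input(check: Callable, length: int) -> bytes:
    """Run `check` on a fully symbolic buffer, force every comparison onto the
    accepting side, then walk each recorded constraint back to its input byte."""
    del _PATH[:]
    if not check([Sym(i) for i in range(length)]):
        raise ValueError("accepting path not reached")
    solved = {}
    for c in _PATH:
        v = c.value
        for name, k in reversed(c.sym.ops):  # undo the chain, last op first
            if name == "xor":
                v ^= k
            elif name == "add":
                v = (v - k) & 0xFF
            else:  # "sub"
                v = (v + k) & 0xFF
        if solved.setdefault(c.sym.idx, v) != v:
            raise ValueError(f"conflicting constraints on byte {c.sym.idx}")
    return bytes(solved.get(i, 0) for i in range(length))


def try_find_input(check: Callable, length: int) -> Optional[bytes]:
    """Like find_input, but return None where the toy solver gives up (the
    angr analogue is a solve that never finishes or exhausts memory)."""
    try:
        return find_input(check, length)
    except NotInvertible as e:
        print("gave up:", e)
        return None


SECRET_LEN = 6


def check_password(buf) -> bool:
    """Constructed stand-in for a disassembled check: each byte is obfuscated
    with a per-position xor and add before being compared to a table."""
    table = [0x63, 0x23, 0x73, 0x64, 0x75, 0x66]  # constructed
    for i in range(SECRET_LEN):
        if not ((buf[i] ^ (0x10 + i)) + i == table[i]):
            return False  # "wrong password" branch
    return True  # "you're in" branch


def check_hashed(buf) -> bool:
    """Constructed stand-in for a check that compares a digest of the input:
    every byte is folded into one running value before the comparison."""
    h = 0
    for b in buf:
        h = (h ^ b) + 7
    return h == 0x34


if __name__ == "__main__":
    pw = find_input(check_password, SECRET_LEN)
    print("recovered:", pw, "accepted:", check_password(pw))
    print("hashed check:", try_find_input(check_hashed, SECRET_LEN))
```

The forced-branch trick only makes sense when the equality is the accepting condition, which is how `check_password` is written; the concrete re-run at the end is the part that matters in practice, since it is the only proof that the solved input really takes the branch.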

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

I'm an incident responder/malware analyst. Mostly do static analysis and reverse engineering. What would you say the benefit of your research and this binary analysis is compared to other offerings? What do you do about highly obfuscated or 'benign' looking binaries that aren't?