SWF file unpacking with REVEN

Matryoshka dolls.

Source: wikimedia commons

Recently we took a look at a new Flash Player exploit used by the Angler exploit kit. The sample was obfuscated using the well-known 'packing' technique: the dropped SWF file embeds a second-stage SWF in the form of an encrypted blob that will be decrypted ...


REVEN in your toolkit

REVEN provides many analysis tools but may still lack some features of your favorite tools. To address this, we created a Python API that lets you create and share plugins. We also developed some plugins ourselves to make REVEN’s interaction with external tools possible.

Universal debugging

The GNU ...


Data painting


http://www.cir.uc.edu/

In this post we'll present REVEN's dynamic data tainting capabilities and look at some use cases of the tool.

Dynamic data tainting

So-called data tainting is a well-known technique used to analyse the impact of data on a program. The idea is ...
