4 posts in archive

Making your own REVEN Axion plugin step by step

02 Jun 2015 by Mathieu - Reven - Reven Axion Plugin Reven

In this article we will shed light on REVEN Axion’s customisation possibilities by describing step by step how to create a simple plugin. Percent plugin in action on push edi. We will walk you through: The specification of our plugin The basics of plugin API for REVEN Axion The implementation...

SWF file unpacking with REVEN

22 Apr 2015 - Reven - Reven Flash swf

Source: wikimedia commons Recently we took a look at a new flash player exploit used by the Angler exploit kit. The sample was obfuscated using the well known ‘packing’ technique: the dropped swf file embeds a second stage swf in the form of an encrypted blob that will be decrypted...

REVEN in your toolkit

20 Feb 2015 - Reven - Reven Axion taint

Reven provides many analysis tools but still might lack some of your favorite tool features. To address this issue we created a Python API to allow you to create and share plugins. We also developed some ourselves to make REVEN’s interaction with external tools possible. Universal debugging The Gnu debugger...

Decoding function arguments

14 Jan 2015 - Reven - Axion Reven taint

Today I will show you a feature that is pretty useful when analysing an application. We call it the “arguments decoder”, and it displays the content of a function’s arguments when its prototype is known. The latter’s definition can be either extracted from the msdn function and structures, or given...