1 post in archive
Tracing network data back to encryption

In this video, we demonstrate how REVEN makes it possible to connect data sent through the network with the code that generated it beforehand. In our case, this reveals a decryption routine in a malware. The first step is to reconstruct a usable PCAP file from the trace to explore...