Automated analysis of crashes or malware, and integration with fuzzers

May 06, 2020
by Mathieu
Categories: Tutorial - Automation
Tags: Demo - Automation - Workflow API - Analysis API - Scenario recording

Analyzing a crash, whether or not it occurs within a fuzzing process, and capturing and analyzing malware activity: these tasks can now be fully automated with REVEN. It's also easy to plug it into your toolchain or customize it.

This demo presents the entire automated workflow:

  • starting a VM.
  • loading and launching the desired binaries.
  • starting and stopping the recording when required.
  • post-processing the recording to generate the trace.
  • launching analysis scripts to identify the crash and extract relevant information.

The short video of the full process:

Recording a scenario for analysis can also be done interactively: set the VM in the state you want to start from and manually trigger the start and stop of the recording. A post introducing this procedure is available here.
