5 posts in archive
Who corrupted the data! Get a fast and precise answer with the taint
In vulnerability analysis a frequent question that needs answering is: “who corrupted this data?”. Timeless Debugging and Analysis (TDnA) systems like REVEN can provide fast and accurate answers to this particular question. For example, the Memory History feature of REVEN allows to see the entire list of accesses to a...
REVEN OpenLab - Feb 18th, 2021
Join us on February 18th for an Open Lab where you will analyze 2 recent CVEs using REVEN Timeless Analysis and Debugging Platform. After a short introduction, you will take the driving seat (each participant gets her/his own REVEN instance) to analyze: A program crash CVE-2020-16898: Microsoft Windows TCP/IP Remote...
Detecting Buffer-Overflow vulnerabilities using REVEN
11 Feb 2021
by
Quentin
-
REVEN
-
Reverse Engineering
Vulnerability Detection
Analysis API
Taint
REVEN
The REVEN Buffer-Overflow (BoF) detection capability is built on the top of the Use-after-Free (UaF) script. Therefore, it is best to read the UaF article before this one. We will explain how the UaF detection Jupyter notebook led us to develop a Buffer-Overflow detection Jupyter notebook (available on Github) and...
Finding uses of cryptographic functions and the data encrypted by an application
How to find cryptography implemented by an application in a REVEN trace? Let’s explore two ways of doing so! Looking for known symbol calls REVEN provides several features related to symbol calls: The symbol search feature allows you to look throughout the entire trace to find calls to a specific...
HITBCyberWeek 2020 REVEN Lab replay
In November 2020, Tetrane presented a remote technical hands-on lab at HITB CyberWeek about timeless debugging and analysis. We are sharing the recording of the lab as it’s a good opportunity to discover the dynamic approach of REVEN: the type of questions a trace can provide answers to, how to...
