SWF file unpacking with REVEN

Matryoshka dolls.

Source: wikimedia commons

Recently we took a look at a new flash player exploit used by the Angler exploit kit. The sample was obfuscated using the well known 'packing' technique: the dropped swf file embeds a second stage swf in the form of an encrypted blob that will be decrypted …

more ...

REVEN in your toolkit

Reven provides many analysis tools but still might lack some of your favorite tool features. To address this issue we created a Python API to allow you to create and share plugins. We also developed some ourselves to make REVEN’s interaction with external tools possible.

Universal debugging

The Gnu …

more ...

Data painting

image0

http://www.cir.uc.edu/

In this post we'll present Reven dynamic data tainting capabilities and see some use cases of the tool.

Dynamic data tainting

The so called data tainting is a well known technique used to analyse the impact of data on a program. The idea is to …

more ...