9 posts in tag Analysis API

Looking at a Linux CVE with REVEN 2.8.2

17 Jun 2021 by Louis and Quentin - REVEN - Linux Reverse Engineering Vulnerability Detection Analysis API Taint REVEN

Want to analyze Linux systems or applications using Tetrane’s Timeless Debugging and Analysis (TDnA) platform? The freshly released REVEN 2.8.2 adds official support for Linux to the Professional edition! In this article, we will see a step-by-step analysis of a recent vulnerability, CVE-2021-3156, from the record of an exploit...

Interprocess Use of Uninitialized Memory detection using REVEN

09 Mar 2021 by Quentin and Louis - REVEN - Reverse Engineering Vulnerability Detection Analysis API Taint REVEN

Continuing in the series of vulnerability detection scripts, such as the BoF article and the UAF article, today’s article introduces a notebook to detect uses of uninitialized heap memory in REVEN scenarios. In memory-unsafe languages such as C, it is common for variables to start their life uninitialized. Some...

Detecting Buffer-Overflow vulnerabilities using REVEN

11 Feb 2021 by Quentin - REVEN - Reverse Engineering Vulnerability Detection Analysis API Taint REVEN

The REVEN Buffer-Overflow (BoF) detection capability is built on top of the Use-after-Free (UaF) script. Therefore, it is best to read the UaF article before this one. We will explain how the UaF detection Jupyter notebook led us to develop a Buffer-Overflow detection Jupyter notebook (available on GitHub) and...

Finding uses of cryptographic functions and the data encrypted by an application

26 Jan 2021 by Louis - Tutorial - Use cases REVEN Reverse Engineering Analysis API Cryptography

How to find cryptography implemented by an application in a REVEN trace? Let’s explore two ways of doing so! Looking for known symbol calls. REVEN provides several features related to symbol calls: The symbol search feature allows you to look throughout the entire trace to find calls to a specific...

Detecting Use-After-Free vulnerabilities using REVEN

15 Dec 2020 by Louis, Quentin and Benoit - REVEN - Use After Free Reverse Engineering Vulnerability Detection Analysis API Taint REVEN

Tetrane’s Timeless Debugging and Analysis (TDnA) makes it possible to capture a time slice of the execution of a system (CPU, Memory, Hardware Events) and provides some powerful analysis features that speed up and scale the reverse engineering process. It can be combined with various fuzzing approaches that will drive the discovery...

Interactive write-ups with REVEN and Jupyter

09 Sep 2020 by Louis - Tutorial - Reverse Engineering Analysis API REVEN

OK, so you just recorded this nice trace of the latest malware-of-the-week, great! You went around the timeline in Axion, did some symbol search, it all looks very promising. Time to dive into the depths of the analysis… What was the name of that function again? The one that’s probably...

Tracing network data back to encryption

16 Jul 2020 by Mathieu - REVEN - Reverse Engineering Malware Analysis Analysis API Taint REVEN

In this video, we demonstrate how REVEN makes it possible to connect data sent through the network with the code that generated it beforehand. In our case, this reveals a decryption routine in a malware. The first step is to reconstruct a usable PCAP file from the trace to explore...

Automated analysis of crashes or malware, and integration with fuzzers

06 May 2020 by Mathieu - Tutorial Automation - Demo Automation Workflow API Analysis API Scenario recording

Analyzing a crash, within a fuzzing process or not, and capturing and analyzing malware activities: these tasks can now be fully automated with REVEN. It’s also easy to plug it into your tool chain or customize it. This demo presents the entire automated workflow: starting a VM, loading and launching the...

REVEN 2.2: Python API, Automatic Recording, and more

12 Sep 2019 by Louis - Technical - REVEN Releases Announcement Automation Analysis API Workflow API

Tetrane is happy to announce the recent release of REVEN 2.2. REVEN is an automated Reverse Engineering Platform designed to go x10 faster & x10 deeper using Timeless Analysis. Technically, REVEN captures a time slice of a full system execution (CPU, Memory, Hardware events) to provide unique analysis features that...