5 posts in tag Vulnerability Detection
Yes, race conditions can be detected with a single core Timeless Debugging and Analysis platform!
01 Mar 2022
by
Louis
and Quentin
-
Technical
-
Reverse Engineering
REVEN
Buffer overflow
Taint
Race Condition
Vulnerability Detection

As REVEN emulates a single core machine, a frequent question we receive is if it is possible to use REVEN to analyze race conditions. There can be a lot of confusion around what is possible or not, so in this article we hope to address this by giving examples of...
Looking at a Linux CVE with REVEN 2.8.2
17 Jun 2021
by
Louis
and Quentin
-
REVEN
-
Linux
Reverse Engineering
Vulnerability Detection
Analysis API
Taint
REVEN

Want to analyze Linux systems or applications using Tetrane’s Timeless Debugging and Analysis (TDnA) platform? The freshly released REVEN 2.8.2 adds official support for Linux to the Professional edition! In this article, we will see a step by step analysis of a recent vulnerability–CVE-2021-3156– from the record of an exploit...
Interprocess Use of Uninitialized Memory detection using REVEN
09 Mar 2021
by
Quentin
and Louis
-
REVEN
-
Reverse Engineering
Vulnerability Detection
Analysis API
Taint
REVEN

Continuing in the series of vulnerability detection scripts, such as the BoF article and the UAF article, today’s article introduces a notebook to detect uses of uninitialized heap memory in REVEN scenarios. In memory unsafe languages such as C, it is common for variables to start their life uninitialized. Some...
Detecting Buffer-Overflow vulnerabilities using REVEN
11 Feb 2021
by
Quentin
-
REVEN
-
Reverse Engineering
Vulnerability Detection
Analysis API
Taint
REVEN

The REVEN Buffer-Overflow (BoF) detection capability is built on the top of the Use-after-Free (UaF) script. Therefore, it is best to read the UaF article before this one. We will explain how the UaF detection Jupyter notebook led us to develop a Buffer-Overflow detection Jupyter notebook (available on Github) and...
Detecting Use-After-Free vulnerabilities using REVEN
15 Dec 2020
by
Louis
,Quentin
and Benoit
-
REVEN
-
Use After Free
Reverse Engineering
Vulnerability Detection
Analysis API
Taint
REVEN

Tetrane’s Timeless Debugging and Analysis (TDnA) allows to capture a time slice of the execution of a system (CPU, Memory, Hardware Events) and provides some powerful analysis features that speed up and scale the reverse engineering process. It can be combined with various fuzzing approaches that will drive the discovery...