Reverse Engineering with Hardware Debuggers

Black Hat USA 2010

Presented by: Jason Cheatham, Jason Raber
Date: Thursday July 29, 2010
Time: 13:45 - 15:00
Location: Florentine
Track: Turbo

This is a brief tutorial of one of the reverse engineering tools (Hardware Emulator) used by the Air Force Research Laboratory to analyze application and driver code on x86 systems. It’s also a neat way to debug hypervisors!

Jason Raber

Jason Raber has spent 9 years in the world of reverse engineering, preceded by 5 years working at Texas Instruments developing compiler tools for DSPs (code generators, assemblers, linkers, disassemblers, etc). Developing C compilers for 5 years prior to reverse engineering provided a good foundation for understanding machine language and hardware that is commonly utilized in reverse engineering tasks. Jason has significant experience in extracting intellectual property from a broad spectrum of software, including user applications, DLLs, drivers, OS kernels, and firmware, on a variety of platforms (Windows/Linux/Mac/embedded). He has also worked on identifying and analyzing malware to characterize it and/or neutralize it. Jason has also presented at 2 different Black Hat Cons, Recon 2008, and WCRE 2008. Jason currently serves as a team lead for a software assessment team in the United States Air Force Research Laboratory, providing the DoD with specialized software security support.

Jason Cheatham

US Air Force Research Laboratory

Jason Cheatham has been involved in the computer security field for the past 5 years. During that time he has analyzed a number of commercial and government developed software systems, contributed to some novel attack modeling research, and become an accomplished lurker at technical conferences. Jason has also worked on the development side, creating an encryption tool that is officially certified for use on Air Force desktop systems, and a stealthy kernel debugger that is used by the DoD. Jason is employed by the US Air Force Research Laboratory as a reverse engineer and software developer.

