Visual Malware Reversing: How to Stop Reading Assembly and Love the Code

ShmooCon VII - 2011

Presented by: Danny Quist
Date: Sunday January 30, 2011
Time: 11:00 - 12:00
Location: Build It room
Track: Build It!

Reverse engineering is a complicated process that has a lot of room for improvement. This talk will showcase some improvements to our visualization framework, VERA. New features that decrease the overall time to reverse a program will be shown. New items are a debugger based interface which allows for faster analysis without the need for a hypervisor, integrated trace processing tools, IDA Pro integration, and an API to interface with the display. During the talk I will reverse engineer malware samples, and show how to integrate it into your reversing process.

Danny Quist

Danny Quist is the CEO and founder of Offensive Computing, LLC. His research is in automated analysis methods for malware with software and hardware assisted techniques. He has written several defensive systems to mitigate virus attacks on networks and developed a generic network quarantine technology. He consults with both private and public sectors on system and network security. His interests include malware defense, reverse engineering, exploitation methods, virtual machines, and automatic classification systems. Danny holds a Ph.D. from the New Mexico Institute of Mining and Technology.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats