Pointy Stick: Poking through to the heart of a binary

THOTCON 0x5

Presented by: whistlepig
Date: Friday April 25, 2014
Time: 12:00 - 12:20
Location: IB
Track: Turbo

License managers and validation routines are typically very small pieces of code relative to the applications that contain them. However, to bypass software protections, static analysis is an inefficient method of locating code of interest. Traditional dynamic analysis suffers from a lack of targeted snapshotting and tracing capabilities. This presentation debuts PointyStick, an application designed to allow targeted dynamic program tracing and memory snapshotting. PointyStick enables code regions of interest to be located rapidly, which can then be further analyzed.

whistlepig

Sam has always been passionate about finding ways to break things. Sam initially learned reverse engineering to crack protections on some of his favorite programs, which he of course had a license for. He has worn several hats since then, including malware analyst, reverse engineer, and kernel space developer, and is currently working as a cryptographer. He is also an avid beer fan and loves 312.

