Anti-reversing: A Cake Full of Onions

BSidesChicago 2016

Presented by: Wartortell
Date: Saturday May 07, 2016
Time: 15:30 - 16:10
Location: Main Track

There are many different ways to protect your code from being reversed. There is a litany of packers and virtualization techniques, as well as anti-debugging, anti-disassembly, and anti-virtualization approaches that can protect your code from nosy reversers. However, there are also a number of ways around each of these techniques. As protections get better, so do reversers. Also, many of these techniques exist at the binary level, and will not protect your source code if necessary. During this talk, I will discuss some of the protection techniques that exist, from malware authors to current mainstream software authors. In addition, I'll demonstrate a multi-language source code obfuscation tool I've created for the purposes of protection. This tool makes reversing and understanding the purpose of your code drastically harder via obfuscation and other anti-reversing methods.

Wartortell

Wartortell works as a reverse engineer and malware researcher for Palo Alto Networks. Previously he worked in Threat Intel, Binary Rewriting and Binary Transparency. He also casts a mean Ice Punch, and this is not even his final form.

