How to really obfuscate your malware Everybody be cool, this is a roppery!

In this BlackHat Vegas 2010 talk, Vincenzo Iozzo, Tim Kornau and Ralf-Phillip Weinmann showed thier framework for automated Return-oriented programming shellcode generation for the IPhone.

View on SlideShare
How to really obfuscate your malware How to really obfuscate your malware

In this ReCon 2010 talk, Sebastian Porst presented a few potential tricks that could be picked up by malware authors to make PDF malware analysis more difficult in the future.

View on SlideShare
Architektur und Vielfalt Architektur und Vielfalt

In this presentation, held at the Univesity of Mannheim, Tim Kornau gave an introduction to architectural divesity in the field of Reverse Engineering and why it is necessary to cope with it.

View on SlideShare
Debugger Debugger

In this German language guest lecture at the University of Mannheim, Sebastian Porst talked about Win32 debugger internals and how to write your own Win32 debugger.

View on SlideShare
Introduction to mobile reversing Introduction to mobile reversing

This talk was a summary of the current state of the art in mobile reversing. Jose Duart gave an overview of reversing applied to Windows Mobile, Android and iPhone applications, and talked about the common problems when reversing them and the work that still has to be done on new tools and methods.

View on SlideShare
Moderne Malwareklassifikation Moderne Malwareklassifikation

In this German language presentation, Sebastian Porst explains different ways to classify malware into families. Both, static and dynamics methods are discussed.

View on SlideShare
VxClass VxClass - Clustering malwares, generating signatures

In this InBot'10 presentation, Christian Blichmann talked about malware clustering using zynamics VxClass as well as automatically generating byte-signatures for AV-products.

View on SlideShare
Shareing is Caring ShaREing is Caring

In this CanSecWest 2010 talk, Thomas Dullien and Sebastian Porst talked about the need of sharing reverse engineering information among reverse engineers and potential solution. The zynamics BinCrowd product for reverse engineered information was launched in this talk.

View on SlideShare
Black Hat 2010 - 0-knowledge fuzzing 0-knowledge fuzzing

In this BlackHat DC 2010 talk, Vincenzo Iozzo talked about a methodology to perform smart fuzzing with no prior knowledge of the data structures being fuzzed.

View on SlideShare
Formale Methoden im Reverse Engineering Formale Methoden im Reverse Engineering

This German language presentation was a guest lecture at the University of Dortmund. In the presentation, Sebastian Porst talked a bit about current problems in reverse engineering and potential solutions based on formal methods from computer science.

View on SlideShare
VxClass for Incident Response VxClass for Incident Response

This presentation is a simple overview of different applications of VxClass for incident responce scenarios. Aside from a general overview of the system, specific use cases (such as noise reduction, attacker correlation and code/artifact search) are discussed.

View on SlideShare
Applications of the reverse engineering language REIL Applications of the reverse engineering language REIL

At the Hacker 2 Hackers conference 2009, Sebastian Porst talked about the reverse engineering language REIL and how to use it for writing static code analysis algorithms.

View on SlideShare
Automated Mobile Malware Classification Automated Mobile Malware Classification

The zynamics VxClass product can be used to classify malware for mobile devices. This presentation demonstrates the threat posed by mobile malware and explains how VxClass can be used by malware analysts to get better results.

View on SlideShare
Automated static deobfuscation in the context of Reverse Engineering Automated static deobfuscation in the context of Reverse Engineering

For a university project, Christian Ketterer explored how to use the reverse engineering intermediate language REIL to statically deobfuscate obfuscated code. In this SOURCE Barcelona 2009 presentation, he and Sebastian Porst talk about the results and problems associated with static deobfuscation.

View on SlideShare
Post exploitation techniques on OSX and iPhone Post exploitation techniques on OSX and iPhone

In this EuSecWest 2009 presentation, Vincenzo Iozzo discusses various post exploitation techniques that an attacker could use on Mac OS X and iPhoneOS.

View on SlideShare
The Reverse Engineering Language REIL and its Applications The Reverse Engineering Language REIL and its Applications

In this Hack in the Box Dubai 2009 presentation, Sebastian Porst gives an overview of the reverse engineering intermediate language REIL.

View on SlideShare
CanSecWest 2009 Platform-independent static binary code analysis using a meta-assembly language

In this CanSecWest 2009 presentation, Thomas Dullien and Sebastian Porst show how to write platform-independent static code analysis algorithms based on our REIL meta-language. As an example they show how buffer underflows could be found.

View on SlideShare
Let your Mach-O fly Let your Mach-O fly

In this BlackHat DC 2009 talk, Vincenzo Iozzo shows how to implement an anti-forensics technique known as userland-exec on Mac OS X.

View on SlideShare