| |||||
| |||||
Search Irongeek.com:
Help Irongeek.com pay for bandwidth and research equipment: |
evm Reversing large binaries is hard - but what if we could automatically recover the software architecture before we got started? This talk discusses two algorithms to recover object file boundaries from a linked binary. It shows some useful applications, including automated module-to-module call graphs (extracting software architecture), and automated section naming based on common strings.
evm has been staring at code for over a decade. A recovering Windows internals guy, he now spends most of his time with embedded systems. At APL he helped start an RE working group, and a hacker magazine. He enjoys teaching the young'uns how to snatch the error code from the trap frame.
15 most recent posts on Irongeek.com:
|
If you would like to republish one of the articles from this site on your
webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast