Danny Quist & Valsmith: Covert Debugging: Circumventing Software Armoring Techniques - podcast episode cover

Danny Quist & Valsmith: Covert Debugging: Circumventing Software Armoring Techniques

Black Hat Briefings, USA 2007 [Video] Presentations from the security conference.
Jan 09, 200648 min
--:--
--:--
Listen in podcast apps:
Metacast
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

Software armoring techniques have increasingly created problems for reverse engineers and software analysts. As protections such as packers, run-time obfuscators, virtual machine and debugger detectors become common newer methods must be developed to cope with them. In this talk we will present our covert debugging platform named Saffron. Saffron is based upon dynamic instrumentation techniques as well as a newly developed page fault assisted debugger. We show that the combination of these two techniques is effective in removing armoring from the most advanced software armoring systems. As a demonstration we will automatically remove packing protections from malware.
For the best experience, listen in Metacast app for iOS or Android
Open in Metacast
Danny Quist & Valsmith: Covert Debugging: Circumventing Software Armoring Techniques | Black Hat Briefings, USA 2007 [Video] Presentations from the security conference. podcast - Listen or read transcript on Metacast