Machine-Code Analysis With Open-Source Decompiler RetDec
Information on this media
Number of views: 257
Creation date: July 2, 2018
Speakers: Jakub Kroustek and Peter Matula
License: CC BY-SA v4
Description
When we need to deeply analyze a binary application (e.g. for malware dissection, vulnerability research, code optimization), static code analysis is what we use most of the time. However, static analysis of machine code is usually not an easy task. It is actually a tough one in the case of malware analysis. Luckily, existing machine-code decompilers help with this task significantly. On the other hand, the most well-known decompilers are either proprietary, cannot be easily modified for a given task, or both.
In this talk, we would like to present our machine-code decompiler called RetDec (Retargetable Decompiler), which we have been developing at Avast since 2011 and which we open-sourced a few months ago under the MIT license. Its primary goal is, of course, decompilation of binary (malicious) applications, but its components can also be used for other tasks, such as disassembly, extraction of basic blocks, or initial assessment of malware samples.
Jakub Kroustek
Jakub leads the threat intelligence team at Avast Software and previously did so at AVG, 7 years in total. Jakub is a malware analyst and reverse engineer with expertise in ransomware, botnets, and cryptography. He holds a Ph.D. in machine-code analysis.
Peter Matula
Peter is a senior software developer at Avast Software. He focuses on reverse-engineering research and is currently the main developer of the RetDec decompiler. He received his MSc degree from the Faculty of Information Technology, Brno University of Technology, Czech Republic.