Machine-Code Analysis With Open-Source Decompiler RetDec
| Action | Key |
|---|---|
| Play / Pause | K or space |
| Mute / Unmute | M |
| Toggle fullscreen mode | F |
| Select next subtitles | C |
| Select next audio track | A |
| Toggle automatic slides maximization | V |
| Seek 5s backward | left arrow |
| Seek 5s forward | right arrow |
| Seek 10s backward | shift + left arrow or J |
| Seek 10s forward | shift + right arrow or L |
| Seek 60s backward | control + left arrow |
| Seek 60s forward | control + right arrow |
| Seek 1 frame backward | alt + left arrow |
| Seek 1 frame forward | alt + right arrow |
| Decrease volume | shift + down arrow |
| Increase volume | shift + up arrow |
| Decrease playback rate | < |
| Increase playback rate | > |
| Seek to end | end |
| Seek to beginning | beginning |
Share this media
Download links
HLS video stream
You can use an external player to play this stream (like VLC).
HLS video streamWhen subscribed to notifications, an email will be sent to you for all added annotations.
Your user account has no email address.
Information on this media
When we need to deeply analyze a binary application (e.g. for malware dissection, vulnerability research, code optimization), static code analysis is what we use most of the time. However, static analysis of machine-code is usually not an easy task. It is actually a tough one in case of malware analysis. Luckily, existing machine-code decompilers help with this task significantly. On the other hand, the most well-known decompilers are either proprietary, cannot be easily modified for a given task, or both.
In this talk, we would like to depict our machine-code decompiler called RetDec(Retargetable Decompiler) that we are developing in Avast since 2011 and which we have open-sourced a few months ago under the MIT license. Its primary goal is, of course, decompilation of binary (malicious) applications, but its components can also be used for other tasks, such as disassembly, extraction of basic blocks, or initial assessment of malware samples.
Jakub Kroustek
Jakub is leading the threat intelligence team at Avast Software and previously at AVG, 7 years in total. Jakub is a malware analyst and reverse engineer with expertise in ransomware, botnets, and cryptography. He has his Ph.D. for a machine-code analysis.
Peter Matula
Peter is a senior software developer at Avast Software. He focuses on reverse-engineering research and is currently the main developer of the RetDec decompiler. He received his MSc. degree from the Faculty of Information Technology, Brno University of Technology, Czech Republic.
Other media in the channel "2018"
116 views, 5 this yearGlassfish from (IN)Secure adminJuly 6th, 2018
161 views, 1 this yearShadow on the Wall - Risks and Flaws with ShadowsocksJuly 6th, 2018
57 viewsOpen Hardware for (software) offensive securityJuly 6th, 2018
48 viewsFreedom Fighting Mode - Open Source Hacking HarnessJuly 6th, 2018
79 views, 2 this yearExpl-iot: IoT Security Testing FrameworkJuly 6th, 2018
23 viewsIo(M)T Security: A year in reviewJuly 6th, 2018