Static instrumentation based on executable file formats

Loading Click here to add:
Add to notification list

WARNING: the introduction part is missing from the recording, we are sorry for that.

Many instrumentation techniques are based on modifying code or system environment of the target. It can be suitable for scenarios but it could not work under certain circumstance (integrity checking, non-rooted environment…) In this talk we propose similar techniques by only modifying the executable format. This enables to be architecture independent, injection and hooking does not require privileged environment. 

Romain Thomas 
Romain is a security engineering at Quarkslab working on the development of new tools to assist security researchers. He is also interested in Android internal, (de)obfuscation and software protections. He previously contributed to the Triton project, a dynamic binary analysis framework.