Aaron Portnoy(HP TippingPoint DVLabs)

Experiments using IDA Pro as a data store

This talk will cover the TippingPoint security research team's experiments using IDA Pro to mirror a datasource. The ability to harvest attributes and metadata from a binary can allow a reverser to extend their arsenal of approaches to solving their problems. By combining the information available statically with supplemental data collected from a debugger, a reverser can paint a more complete picture of the target application. Additionally, the ability to modify attributes and subsequently query them via a friendly interface can aid in collaborative reversing. This lightning talk aims to demonstrate what other tasks can be accomplished when building functionality on top of a few simple primitives.

Sobre Aaron Portnoy

Aaron Portnoy is the Manager of the Security Research Team at TippingPoint Technologies. His group is responsible for reverse engineering vulnerability submissions to the Zero Day Initiative program, discovering new 0day vulnerabilities in enterprise software, developing tools to aid in these processes, and architecting competitions such as Pwn2Own. Aaron has discovered critical vulnerabilities affecting a wide range of vendors including, but not limited to: Microsoft, Adobe, RSA, Novell, Symantec, HP, IBM, and VMware. He has presented original research in the areas of reverse engineering and fuzzing at conferences such as BlackHat, BlueHat, RSA, and RECon. Additionally, Aaron has been an invited speaker at the National Security Agency, the Polytechnic Institute of NYU, and has been referenced in several published books.

« volver a Speakers

NOVEDADES


diseño: GrafikaWeb