Transcription of Demystifying Debugging and Disassembling Applications
#RSAC
SESSION ID: HTA-T10R

Demystifying Debugging and Disassembling Applications

James Lyne, Global Head of Security Research, Sophos & SANS, @JamesLyne
Stephen Sims, Security Researcher, SANS Institute, @Steph3nSims

Part One: Introduction
Disassembly, Disassemblers, and Debuggers

Purpose

Disassembly and debugging are used by application developers, security researchers, attackers, malware experts,

Disassembly allows you to interpret machine code and map it to its mnemonic representation to perform static analysis

Debugging allows you to monitor application behavior in a controlled manner, offering the ability to pause, patch, and examine

Decompilation goes even further, converting disassembly back to source code

Expertise in this area can offer new opportunities
  Security experts who are adept in reverse engineering are highly sought after
  Exploit sales can quickly yield into the six figures

Profiting

Exploit Sales
  Remote browser or document-based exploits can go for >$10K USD
  Remote Windows kernel bugs can go for >$100K USD
  Zerodium paid $1M USD to a group who disclosed an iOS remote jailbreak exploit

Bounty Examples:
  United Airlines: Will pay up to 1 million award miles for disclosures
  Will pay various amounts depending on the severity of the bug
  Will pay up to $100K USD for exploitable bugs and exploit mitigation bypass t
Demystifying Debugging and Disassembling Applications. HTA-T10R. Global Head of Security Research. Sophos & SANS @JamesLyne. ... The Windows Kernel. 25. The modern Windows Kernel is very complex, requires ... Attacking the Kernel. 28. #RSAC.