The Subterfugue process sandbox

These are tools that let one run a process and, in a sense, selectively debug it by telling the tool to perform analysis when certain conditions are met in the kernel. For example, when a certain argument is sent to sendto(), one could replace it on the stack with their own value. You could write your [...]

Posted at 8pm on 5/6/08 | no comments | Filed Under: Reverse Engineering

finding entropy in binary files

Update: added a routine to print out hex data for blocks where entropy passes a given threshold. Tidied up code.
Ero Ventura responded yesterday to a request on OpenRCE concerning using entropy analysis to find RSA keys and other random blocks of data in binaries. Herein is a full wrapper for the [...]

Posted at 3am on 5/13/07 | 5 comments | Filed Under: Reverse Engineering

About

My reviews and references for research and papers. Also see other personalities: prose, ramblings. Note: due to a server crash some links might be broken. If it is something of interest, let me know and I will recover the data.
