ReconMontreal2018 2018 June 15, 2018 to June 15, 2018, Montreal, Canada
Title | Speakers | Summary | Topic Types |
---|---|---|---|
Reverse Engineering Windows Defender Part II | Alexei Bulazel | Windows Defender Antivirus' mpengine.dll implements the core of Defender Antivirus' functionality in an enormous ~11 ... | |
Cloudy With a Chance of Malware | Marika Chauvin | In 2017, KASPERAGENT and a malware we’re calling Cloudy were identified emanating from threat actors ... | |
SiliVaccine: North Korea's weapon of Mass Detection | Mark Lechtik , Michael Kajiloti | Meet SiliVaccine - North Korea's national Anti-Virus solution. SiliVaccine is deployed widely and exclusively in ... | |
Breath of the RF Field | James Chambers | Nowadays any recent car up to 5 years old comes with something called “Infotainment”, this ... | |
Building a Damned Good Watch | Travis Goodspeed | In early 2018, I cloned a Casio 3208 calculator watch module with a new circuit ... | |
PreVice: Static Detection of Hooking Capabilities in Machine Code | Derek Soeder , Claudiu Teodorescu , Andy Wortman | In the future, static analysis catches hookers before they have a chance to act. We present ... | |
Meet Salinas, the first ever SMS-commanded Car Infotainment RAT | Daniel Regalado , Ken Hsu , Gerardo Iglesias | Nowadays any recent car up to 5 years old comes with something called “Infotainment”, this ... | |
Tracing Struct Accesses with Struct Stalker | Jeff Dileo | Struct Stalker is an LLDB script that instruments processes to trace struct/object accesses in C/C++ ... | |
Static instrumentation based on executable file formats | Romain Thomas | Many instrumentation techniques are based on modifying code or system environment of the target. It ... | |
Discovering the iOS Instruments Server | Troy Bowman | This presentation documents how I was able to reverse-engineer a privileged server running on iOS ... | |
Bushwhacking your way around a bootloader | Rebecca ".bx" Shapiro | Even when you have access to some binary's source code, it can still be challenging ... | |
Exploiting User-land vulnerabilities to Get Rogue App Installed Remotely on iOS 11 | Liang Chen , Marco Grassi | Apple has introduced several security enhancements to mitigate known attacks in iOS 11. Those enhancements ... | |
Malware Analysis and Automation using Binary Ninja | Erika Noerenberg | As threats have increased in prevalence and sophistication over the years, analysts simply need more ... | |
An Open-Source Machine-Code Decompiler | Peter Matula , Marek Milkovič | We present our machine-code decompiler called RetDec (Retargetable Decompiler). We have been developing RetDec in ... | |
Unknown Known DLLs and other Code Integrity Trust Violations | Alex Ionescu , James Forshaw | This talk will go over a number of code integrity technologies in Windows and their ... | |
Reverse Engineering Of Blockchain Smart Contracts | Patrick Ventuzelo | Many platforms using blockchain technology have emerged in 2017 and take the top 10 position ... | |
Rattle - an Ethereum EVM binary analysis framework | Ryan Stortz | The majority of smart contracts on the blockchain have no verified source code, but people ... | |
This Dump is a Puzzle | Phoebe Queen | Developing a puzzle solver to reconstruct embedded java firmwares from an unknown fragmented file system. | |
Sandbagility - Reverse Engineering Framework for Windows dynamic analysis | Eddy Deligne , François Khourbiga | There are mainly three different approaches in malware reverse engineering: static, dynamic and sandboxed analysis. The ... | |
A Code Pirate's Cutlass | Evm | Large binaries produce giant call graphs and dividing up functionality in an automated way is ... | |
Taint-based return oriented programming | François Khourbiga , Colas Le Guernic | There are roughly two kinds of tools for return oriented programming (ROP): _syntactic_ tools that ... | |
Modern Linux Malware Exposed | Mariano Graziano , Emanuele Cozzi | The research on analysis and detection of malware has shown notable progresses over the years, ... | |
Analyzing TRISIS - the first Safety Instrumented System malware | Jimmy Wylie , K. Reid Wightman | Discovery of TRISIS/TRITON was a landmark event in the Industrial Control Systems (ICS) security community. ... | |
Sum Total of ISA Knowledge | Alex Kropivny | Hardware debug support or correct emulation often isn't available for embedded targets you'd like to ... | |
PWN Flash with Reflection and HashTables | Tao Yan , Bo Qu | Reflection is the ability of a program to examine, introspect, and modify its own structure ... | |
Create your own Fitness Tracker Firmware | Daniel Wegemer , Jiska Classen | The Fitbit ecosystem is briefly introduced to show how server, tracker and smartphone app work ... | |
Pwning Intel PIN | Julian Kirsch , Zhechko Zhechev | Binary instrumentation is a robust and powerful technique which facilitates binary code modification of computer ... |