Reverse All the Things with PANDA presented at CSAWthreads 2014

by Brendan Dolan-gavitt,

Summary : PANDA is a new, open source dynamic analysis framework based on QEMU that has been built to facilitate whole-system reverse engineering. PANDA incorporates whole-system record and replay, taint analysis, lifting to LLVM, and support for emulating the Android platform. In this talk, I will describe how to to use PANDA to speed up a number of reverse engineering tasks, including circumventing copyright protection on a piece of older software, extracting censorship blacklists from IM clients, and understanding vulnerabilities. All code and data will be made available on PANDA Share so others can replicate and extend our findings.
Brendan Dolan-Gavitt is a postdoctoral researcher at Columbia University working on making reverse engineering automated and available to everyone. Prior to joining Columbia he did a PhD at Georgia Tech under Wenke Lee, working on virtual machine introspection, memory forensics, and reverse engineering.