Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 07-21-2017, 14:09
TechLord TechLord is offline
Banned User
 
Join Date: Mar 2005
Location: 10 Steps Ahead of You
Posts: 761
Rept. Given: 384
Rept. Rcvd 247 Times in 112 Posts
Thanks Given: 789
Thanks Rcvd at 2,021 Times in 570 Posts
TechLord Reputation: 200-299 TechLord Reputation: 200-299 TechLord Reputation: 200-299
RECON 2017 (Montreal) SLIDES (and other ARCHIVED slides)

SLIDES from Recon 2017 (Montreal) :

Get them HERE .
Quote:
LIST OF SLIDES :

BASS Automated Signature Synthesizer Mariano Graziano, Jonas Zaddach

BinCAT: purrfecting binary static analysis Philippe Biondi, Xavier Mehrenberger, Raphaël Rigo, Sarah Zennou

Bochspwn Reloaded: Detecting Kernel Memory Disclosure with x86 Emulation and Taint Tracking - Mateusz “j00ru” Jurczyk

Bubble Struggle - Call Graph Visualization with Radare2 - Marion Marschalek

You can run, but you can’t hide - Vlad Sabaka

Crypton - Exposing malware’s deepest secrets - Julia karpin, Anna Dorfman

Reverse Engineering DSSS - Michael Ossmann

Exporting IDA Debug Information - Adam Schwalm

FreeCalypso: a fully liberated GSM baseband - Mychaela Falconia

POSTSCRIPT - FreeCalypso: a fully liberated GSM baseband - Mychaela Falconia

Hacking Cell Phone Embedded Systems -Keegan Ryan

The Life-Changing Magic of IDAPython: Embedded Device Edition - Maddie Stone

MazeWalker - Enriching static malware analysis - Yevgeniy Kulakov

Miasm: reverse engineering framework - Fabrice Desclaux, Camille Mougey

ZapZap! bangBang! - Ang Cui, Rick Housley

ALL ARCHIVES of RECON (SLIDES, VIDEOS etc) :

Link here .
Reply With Quote
The Following User Gave Reputation+1 to TechLord For This Useful Post:
niculaita (07-21-2017)
The Following 3 Users Say Thank You to TechLord For This Useful Post:
h8er (11-20-2017), mak (08-01-2017), tonyweb (07-23-2017)
  #2  
Old 07-21-2017, 18:31
t3xc0d3 t3xc0d3 is offline
Friend
 
Join Date: Oct 2016
Posts: 9
Rept. Given: 0
Rept. Rcvd 4 Times in 3 Posts
Thanks Given: 0
Thanks Rcvd at 24 Times in 9 Posts
t3xc0d3 Reputation: 4
The slides of Recon Montreal 2017 are still missing in the archive. However, they are linked here:

https://recon.cx/2017/montreal/slides/

edit:

Quote:
Originally Posted by TechLord View Post
[B][I]No, please see the FIRST LINK in my first post above.
oh, I missed it. sorry for that!

Last edited by t3xc0d3; 07-22-2017 at 16:12.
Reply With Quote
The Following 3 Users Say Thank You to t3xc0d3 For This Useful Post:
niculaita (07-21-2017), sendersu (07-22-2017), tonyweb (07-23-2017)
  #3  
Old 07-22-2017, 11:14
TechLord TechLord is offline
Banned User
 
Join Date: Mar 2005
Location: 10 Steps Ahead of You
Posts: 761
Rept. Given: 384
Rept. Rcvd 247 Times in 112 Posts
Thanks Given: 789
Thanks Rcvd at 2,021 Times in 570 Posts
TechLord Reputation: 200-299 TechLord Reputation: 200-299 TechLord Reputation: 200-299
Quote:
Originally Posted by t3xc0d3 View Post
The slides of Recon Montreal 2017 are still missing in the archive. However, they are linked here:

https://recon.cx/2017/montreal/slides/
No, please see the FIRST LINK in my first post above.
It's right under the title.


They are NOT missing in my first post above

It contains the links to the slides for 2017 !
Reply With Quote
  #4  
Old 07-22-2017, 18:12
professor.frink professor.frink is offline
Friend
 
Join Date: Feb 2014
Posts: 41
Rept. Given: 12
Rept. Rcvd 4 Times in 3 Posts
Thanks Given: 24
Thanks Rcvd at 10 Times in 9 Posts
professor.frink Reputation: 4
Bochspwn Reloaded: Detecting Kernel Memory Disclosure with x86 Emulation and Taint Tracking - Mateusz “j00ru” Jurczyk

recommended
Reply With Quote
  #5  
Old 07-22-2017, 18:32
deepzero's Avatar
deepzero deepzero is offline
VIP
 
Join Date: Mar 2010
Location: Germany
Posts: 300
Rept. Given: 111
Rept. Rcvd 64 Times in 42 Posts
Thanks Given: 178
Thanks Rcvd at 215 Times in 92 Posts
deepzero Reputation: 64
Quote:
Bochspwn Reloaded: Detecting Kernel Memory Disclosure with x86 Emulation and Taint Tracking - Mateusz “j00ru” Jurczyk

recommended
Yes, great talk indeed. Can anyone speculate why he used bochs over qemu for this?
Reply With Quote
The Following User Says Thank You to deepzero For This Useful Post:
tonyweb (08-27-2017)
  #6  
Old 08-27-2017, 02:09
sh3dow sh3dow is offline
Family
 
Join Date: Oct 2014
Posts: 158
Rept. Given: 113
Rept. Rcvd 79 Times in 24 Posts
Thanks Given: 458
Thanks Rcvd at 202 Times in 75 Posts
sh3dow Reputation: 79
Quote:
Originally Posted by deepzero View Post
Can anyone speculate why he used bochs over qemu for this?
from j00ru blog
"We decided to use Bochs because it is by far easier to write instrumentation for, i.e. it has a very intuitive and simple instrumentation API, documentation and examples you can use to cleanly and elegantly implement the desired logic. As far as we are concerned, hacking on qemu is much more difficult because of lacking instrumentation support and horribly written code."

Last edited by sh3dow; 08-27-2017 at 02:19.
Reply With Quote
The Following 2 Users Say Thank You to sh3dow For This Useful Post:
deepzero (08-28-2017), tonyweb (08-27-2017)
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Black Hat USA 2017 TechLord General Discussion 4 08-31-2017 12:48
Black Hat Asia 2017 TechLord General Discussion 0 04-01-2017 07:53
Happy New Year 2017 Zipdecode General Discussion 44 03-14-2017 19:38


All times are GMT +8. The time now is 18:41.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )