The Long Journey to a Multi-Architecture Disassembler
Offered By: NorthSec via YouTube
Course Description
Overview
Explore the intricacies of developing a multi-architecture disassembler in this 47-minute conference talk from NorthSec 2019. Join Joan Calvet, a developer and reverse-engineer working on the JEB decompiler, as he shares insights from his journey in creating a versatile disassembler. Delve into topics such as intuitive strategies, non-returning calls and APIs, type libraries, basic block visual definitions and skeletons, branch delay slots, and the challenges of distinguishing code from data. Learn about instruction sets, the importance of comprehensive code analysis, and techniques for identifying library routines. Gain valuable knowledge applicable to reverse engineering and malware analysis from Calvet's experience at ESET and his presentations at renowned conferences like REcon, Hack.lu, and Virus Bulletin.
Syllabus
Introduction
Disassembler
Agenda
Toy Example
Intuitive Strategy
Instructions
NonReturning Calls
NonReturning APIs
Type Libraries
Basic Block Visual Definition
Basic Block Skeletons
Branch Delay Slot
JAB
Code vs Data
Instruction Set
All code matters
Identifying library routines
Conclusion
Taught by
NorthSec
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network