The Long Journey to a Multi-Architecture Disassembler
Offered By: NorthSec via YouTube
Course Description
Overview
Explore the intricacies of developing a multi-architecture disassembler in this 47-minute conference talk from NorthSec 2019. Join Joan Calvet, a developer and reverse-engineer working on the JEB decompiler, as he shares insights from his journey in creating a versatile disassembler. Delve into topics such as intuitive strategies, non-returning calls and APIs, type libraries, basic block visual definitions and skeletons, branch delay slots, and the challenges of distinguishing code from data. Learn about instruction sets, the importance of comprehensive code analysis, and techniques for identifying library routines. Gain valuable knowledge applicable to reverse engineering and malware analysis from Calvet's experience at ESET and his presentations at renowned conferences like REcon, Hack.lu, and Virus Bulletin.
Syllabus
Introduction
Disassembler
Agenda
Toy Example
Intuitive Strategy
Instructions
NonReturning Calls
NonReturning APIs
Type Libraries
Basic Block Visual Definition
Basic Block Skeletons
Branch Delay Slot
JAB
Code vs Data
Instruction Set
All code matters
Identifying library routines
Conclusion
Taught by
NorthSec
Related Courses
Malicious Software and its Underground Economy: Two Sides to Every StoryUniversity of London International Programmes via Coursera Palo Alto Networks Cybersecurity Essentials II
Palo Alto Networks via Coursera Introducción al Análisis del Malware en Windows
National Technological University – Buenos Aires Regional Faculty via Miríadax Android Malware Analysis - From Zero to Hero
Udemy How to Create and Embed Malware (2-in-1 Course)
Udemy