Dynamic Data Resolver IDA Plugin - Extending IDA with Dynamic Data

Explore a powerful IDA plugin that enhances malware analysis capabilities in this 39-minute conference talk from NorthSec 2020. Dive into the Dynamic Data Resolver, an innovative tool that instruments binaries using the DynamoRIO framework to uncover dynamic values often missed in static analysis. Learn how this plugin can resolve register and memory location values, identify jump locations, detect runtime-decoded strings, dump interesting buffers, and even patch binaries to bypass anti-analysis techniques. Gain insights into the DynamoRIO instrumentation framework basics, understand the plugin's architecture and features, and witness its effectiveness through a live demonstration. Discover how this tool can significantly reduce malware analysis time, presented by Holger Unterbrink, a threat researcher from Cisco Talos known for uncovering major cyber attacks like NotPetya and WannaCry.

NorthSec 2020 – Holger Unterbrink – Dynamic Data Resolver IDA plugin