Binary type inference in Ghidra

By Ian Smith. Trail of Bits is releasing BTIGhidra, a Ghidra extension that helps reverse engineers by inferring type information from binaries. The analysis is inter-procedural, propagating and resolving type constraints between ...

Finding bugs in C code with Multi-Level IR and VAST

Intermediate languages (IRs) are what reverse engineers and vulnerability researchers use to see the forest for the trees. IRs are used to view programs at different abstraction layers, so that analysis can ...
Windows Notification Facility: Peeling the Onion of the Most Undocumented Kernel Attack Surface Yet

Introducing Windows Notification Facility’s (WNF) Code Integrity

By Yarden Shafir, Senior Security Engineer. WNF (Windows Notification Facility) is an undocumented notification mechanism that allows communication inside processes, between processes, or between user mode processes and kernel drivers. Similar to ...
SyScan'14 Singapore: All About The Rpc, Lrpc, Alpc, And Lpc In Your Pc By Alex Ionescu

Introducing RPC Investigator

A new tool for Windows RPC research. By Aaron LeMasters. Trail of Bits is releasing a new tool for exploring RPC clients and servers on Windows. RPC Investigator is a .NET application ...
Look out! Divergent representations are everywhere!

By Andreas Kellas. Trail of Bits recently published a blog post about a signed integer overflow in certain versions of SQLite that can enable arbitrary code execution and result in a denial ...

We do Windows now

At Trail of Bits, we pride ourselves on building tools that everyone can use to help improve the security ecosystem. Given how ingrained Microsoft is with a large portion of our work ...
DEF CON 29 Red Team Village - Panel - The future of AI, Machine Learning, and Offensive Security

Secure your machine learning with Semgrep

By Suha Hussain. tl;dr: Our publicly available Semgrep ruleset now has 11 rules dedicated to the misuse of machine learning libraries. Try it out now! Picture this: You’ve spent months curating images, ...

Are blockchains decentralized?

A new Trail of Bits research report examines unintended centralities in distributed ledgers. Blockchains can help push the boundaries of current technology in useful ways. However, to make good risk decisions involving ...
session-18: Attacks + Cryptography in the Ads Ecosystem II + discussion (see description)

Themes from Real World Crypto 2022

By William Woodruff. Last week, over 500 cryptographers from around the world gathered in Amsterdam for Real World Crypto 2022, meeting in person for the first time in over two years. As ...
Toward a Best-of-Both-Worlds Binary Disassembler

By Stefan Nagy. This past winter, I was fortunate to have the opportunity to work for Trail of Bits as a graduate student intern under the supervision of Peter Goodman and Artem ...