reversing

Celebrating our 2024 open-source contributions

| | Artificial Intelligence, blockchain, Compilers, cryptography, LLVM, machine learning, open source, reversing, supply chain
While Trail of Bits is known for developing security tools like Slither, Medusa, and Fickling, our engineering efforts extend far beyond our own projects. Throughout 2024, our team has been deeply engaged ...
Trail of Bits Blog
Binary type inference in Ghidra

Binary type inference in Ghidra

| | Research Practice, reversing
By Ian Smith Trail of Bits is releasing BTIGhidra, a Ghidra extension that helps reverse engineers by inferring type information from binaries. The analysis is inter-procedural, propagating and resolving type constraints between ...
Trail of Bits Blog

Finding bugs in C code with Multi-Level IR and VAST

| | Compilers, Research Practice, reversing
Intermediate languages (IRs) are what reverse engineers and vulnerability researchers use to see the forest for the trees. IRs are used to view programs at different abstraction layers, so that analysis can ...
Trail of Bits Blog
Towards Practical Security Optimizations for Binaries

Towards Practical Security Optimizations for Binaries

| | attacks, Exploits, reversing, Static Analysis
By Michael D. Brown, Senior Security Engineer To be thus is nothing, but to be safely thus. (Macbeth: 3.1) It’s not enough that compilers generate efficient code, they must also generate safe ...
Trail of Bits Blog
Toward a Best-of-Both-Worlds Binary Disassembler

Toward a Best-of-Both-Worlds Binary Disassembler

| | Research Practice, reversing, Static Analysis
By Stefan Nagy This past winter, I was fortunate to have the opportunity to work for Trail of Bits as a graduate student intern under the supervision of Peter Goodman and Artem ...
Trail of Bits Blog
Playing with GuLoader Anti-VM techniques

Playing with GuLoader Anti-VM techniques

| | Anti-VM, Blog, GuLoader, Malware, research, reversing
GuLoader is one of the most widely used loaders to distribute malware throughout 2020. Among the malware families distributed by GuLoader, we can find FormBook, AgentTesla and other commodity malware. A recent ...
Blueliv
svcli

Verifying Windows binaries, without Windows

| | cryptography, reversing
TL;DR: We’ve open-sourced a new library, μthenticode, for verifying Authenticode signatures on Windows PE binaries without a Windows machine. We’ve also integrated it into recent builds of Winchecksec, so that you can ...
Trail of Bits Blog
Some of mishegos's output, visualized.

Destroying x86_64 instruction decoders with differential fuzzing

| | fuzzing, reversing
TL;DR: x86_64 decoding is hard, and the number and variety of implementations available for it makes it uniquely suited to differential fuzzing. We’re open sourcing mishegos, a differential fuzzer for instruction decoders ...
Trail of Bits Blog
binja1

Reverse Taint Analysis Using Binary Ninja

| | Binary Ninja, Internship Projects, krf, reversing, Static Analysis, taint analysis
by Henry Wildermuth, Horace Mann High School We open-sourced a set of static analysis tools, KRFAnalysis, that analyze and triage output from our system call (syscall) fault injection tool KRF. Now you ...
Trail of Bits Blog

Announcing Automated Reverse Engineering Trainings

| | Binary Ninja, reversing, Static Analysis, training
Consider our modular trainings. They can be organized to suit your company’s needs. You choose the number of skills and days to spend honing them ...
Trail of Bits Blog
Load more