Explore advanced techniques for discovering vulnerabilities in binary targets using knowledge graphs and static analysis. Learn about the workflow involving Assembly, SSA, Binary Ninja, and the Binary Ninja Plugin. Dive into the Kraken system, ontology, inference, and query language for hunting undefined behaviors. Examine the DARPA Cyber Grand Challenge, buffer overflow challenges, and source code analysis. Understand function nodes, running Kraken, tool sets, PM Analyze, and output interpretation. Discover the importance of CWE scripts and migration in vulnerability detection. This 48-minute conference talk from Derbycon 7 (2017) provides valuable insights into cutting-edge methods for enhancing binary security analysis.
Aiding Static Analysis - Discovering Vulnerabilities in Binary Targets through Knowledge Graph
via YouTube
Overview
Syllabus
Introduction
Overview
Workflow
Assembly
SSA
Binary Ninja
Binary Ninja Plugin
Kraken
Walks
Ontology
Inference
Query Language
Hunting
Undefined
Binary Ninja Image
Union
Comments
DARPA CyberGrand Challenge
DARPA
Buffer Overflow
Challenges
Source Code
Function Node
Running Kraken
Tool Set
PM Analyze
PM Analyze Output
Migration
CWE Scripts
What does this mean
What does this tell us
What I want out of this
