BloomTech’s Downfall: A Long Time Coming

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Defeating the Transparency Feature of DBI

Black Hat via YouTube

Start learning Write review

Overview

Limited-Time Offer: Up to 75% Off Coursera Plus!
7000+ certificate courses from Google, Microsoft, IBM, and many more.
India: 75% Off World: 40% Off
This course teaches techniques to break the transparency feature of popular dynamic binary instrumentation (DBI) tools like DynamoRIO and PIN. Students will learn how to detect and differentiate behaviors when running on native hosts, with DBI, and on virtual machines using specially crafted X86 instruction sequences. The course covers position independent NOP sequences to evade detections and explores different types of X86 decoders. The intended audience for this course includes cybersecurity professionals, malware analysts, and individuals interested in program analysis and manipulation.

Syllabus

Introduction
About Colin Lee
Binary Instrumentation
Observing Program Behavior
Code Cache
Dynamic Binary Instrumentation
Popular Tools
Transparency
Fuzzing
Run twice
Simple implementation artifacts
Checking the parent process
More clues
Another artifact
Summary
Quick Example
Fancy Examples
Simple Example
New Example
Initial Idea
What can we do
Developer feedback
Robin assays
Panning
Is it possible
The problem
Questions
Conclusion

Taught by

Black Hat

Reviews

Start your review of Defeating the Transparency Feature of DBI

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.