PyREBox - Making Dynamic Instrumentation Great Again
Hack In The Box Security Conference via YouTube
Overview
In this conference talk from Hack In The Box Security Conference, explore PyREBox, an open-source reverse engineering tool that combines QEMU emulation with Virtual Machine Introspection. Discover how PyREBox allows inspection and modification of running QEMU VMs using Python scripts, without requiring guest OS modifications. Learn about its applications in malware analysis, including process debugging, API call tracing, code coverage analysis, and unpacking. Gain insights into PyREBox's internal workings, its comparison to other tools, and challenges in implementing Python-based fine-grained instrumentation. See demonstrations of PyREBox's capabilities for malware analysis, featuring newly released open-source scripts for PyREBox and IDA Pro.
Syllabus
#HITB2018AMS CommSec D2 - PyREBox: Making Dynamic Instrumentation Great Again - X. Ugarte-Pedrero
Taught by
Hack In The Box Security Conference