Overview
Explore the intricacies of implementing a generic unpacker in this comprehensive conference talk from HITB Security Conference 2015. Delve into the challenges of dealing with packed executables and learn how to create a stealthy and efficient unpacking tool. Discover the internal Windows mechanisms that need to be subverted, including kernel exception handling (via hooking), memory manager internals, and the userland PE loader. Gain insights into full implementation details often omitted in other papers on this subject. Examine results on popular COTS packers and real-world, homemade packed malware samples. Benefit from the expertise of Julien Lenoir, a member of the Airbus Group Innovation Cybersecurity Team, as he shares his experience in reverse engineering malware, vulnerability research, and exploitation.
Syllabus
#HITBGSEC 2015 - Julien Lenoir - Implementing Your Own Generic Unpacker
Taught by
Hack In The Box Security Conference