Static Instrumentation Based on Executable File Formats

Explore static instrumentation techniques for executable file formats in this 26-minute conference talk from Recon 2018 Montreal. Discover how modifying executable formats enables architecture-independent injection and hooking without requiring privileged environments. Learn about alternatives to traditional instrumentation methods that modify code or system environments, which may not work in scenarios with integrity checking or non-rooted environments. Gain insights from security engineer Romain Thomas, who specializes in developing tools for security researchers and has expertise in Android internals, (de)obfuscation, and software protections. Understand the potential applications and benefits of these techniques in various security research scenarios.