![Black Hat Briefings, USA 2007 [Video] Presentations from the security conference. artwork](https://is2-ssl.mzstatic.com/image/thumb/Podcasts/v4/72/67/63/726763f4-d563-024c-5880-49dcaabf2fb4/mza_7096284172862428647.jpg/100x100bb.jpg)
Danny Quist & Valsmith: Covert Debugging: Circumventing Software Armoring Techniques
Black Hat Briefings, USA 2007 [Video] Presentations from the security conference.
English - January 09, 2006 23:10 - 48 minutes - 87.4 KB Video - ★★★★★ - 1 ratingTechnology News Tech News blackhat usa 2006 black hat vegas blackhat vegas hacking convention computer security speeches presentations spoken word video Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Next Episode: HD Moore & Valsmith: Tactical Exploitation-Part 2
Software armoring techniques have increasingly created problems for reverse engineers and software analysts. As protections such as packers, run-time obfuscators, virtual machine and debugger detectors become common newer methods must be developed to cope with them. In this talk we will present our covert debugging platform named Saffron. Saffron is based upon dynamic instrumentation techniques as well as a newly developed page fault assisted debugger. We show that the combination of these two techniques is effective in removing armoring from the most advanced software armoring systems. As a demonstration we will automatically remove packing protections from malware.