Timeless Analysis & Debugging builds upon captures of a time slice of a program or a full system execution to provide unique analysis features. By alleviating the need for iterative debugging sessions, it brings a new and powerful perspective to reverse-engineering problems such as vulnerability analysis.
This hands-on lab will use the Tetrane’s REVEN platform to introduce the concepts of Timeless Analysis and Debugging on a full system trace. You will be proposed exercises on pre-recorded reverse-engineering scenarios related to software running on Microsoft Windows.
In the end, you will learn how to combine these approaches and how to use TA&D features to rapidly navigate from a real world crash to its root-cause data or from data to a potential crash.
This lab will present both REVEN’s GUI and its Python API. Basic proficiency in Python is recommended but not mandatory – answers will be provided along the lab to allow everyone to progress.
Workflow (working with VMs, record, replay, analyze), interfaces (GUI, API), connection with other RE tools, pros and cons.
Search for symbol calls and string operations, history of memory accesses, data flow tainting forward and backward, search for patterns in memory in a range of time.
From the start of his career in the software industry in 2008, Mathieu has had a passion for developing performant, low-level software.
Since his joining Tetrane in 2013 as an R&D engineer, he grew fonder of the security industry and its challenges. Now he divides his time between R&D and pre-sales activities: he regularly gives trainings of Tetrane’s timeless analysis & debugging tool REVEN, meets with its users, and is always on the lookout for new projects and features.
A short contest will be conducted with 3 REVEN Professional licenses up for grabs!1st Place – 12 month license2nd Place – 6 month license 3rd Place – 3 month license