
Blog Posts
Two Tools for Malware Analysis and Reverse Engineering in Ghidra
This post presents two tools for malware analysis and reverse engineering in Ghidra, the National Security Agency’s software reverse engineering tool suite.
• By Jeffrey Gennari
In Reverse Engineering for Malware Analysis

GhiHorn: Path Analysis in Ghidra Using SMT Solvers
We believe that many common challenges in malware analysis and reverse engineering can be framed in terms of finding a path to a specific point in a program.
• By Jeffrey Gennari
In Reverse Engineering for Malware Analysis

Introducing CERT Kaiju: Malware Analysis Tools for Ghidra
Ghidra provides a compelling environment for reverse engineering tools that are relatively easy to use during malware analysis. Our latest blog post highlights a new suite of tools, known as …
• By Garret Wassermann, Jeffrey Gennari
In Reverse Engineering for Malware Analysis


3 Ransomware Defense Strategies
Ransomware is evolving. Not only are there more attackers due to ransomware as a service (RaaS) threats, but ransomware attack strategies are changing with data exfiltration extortions, which I will …
• By Marisa Midler
In Reverse Engineering for Malware Analysis

Using OOAnalyzer to Reverse Engineer Object Oriented Code with Ghidra
This post explores how to use the new OOAnalyzer Ghidra Plugin to import C++ class information into the NSA's Ghidra tool and interpret results in the Ghidra SRE framework.
• By Jeffrey Gennari
In Reverse Engineering for Malware Analysis

Business Email Compromise: Operation Wire Wire and New Attack Vectors
In June 2018, federal authorities announced a significant coordinated effort to disrupt business email compromise (BEC) schemes that are designed to intercept and hijack wire transfers from businesses and individuals....
• By Anne Connell
In Reverse Engineering for Malware Analysis

Path Finding in Malicious Binaries: First in a Series
In a previous post, I discussed the Pharos Binary Analysis Framework and tools to support reverse engineering of binaries with a focus on malicious code analysis. Recall that Pharos is....
• By Jeffrey Gennari
In Reverse Engineering for Malware Analysis

Security Begins at the Home Router
In recent days, the VPNFilter malware has attracted attention, much of it in the wake of a May 25 public service announcement from the FBI, as well as a number …
• By Vijay Sarvepalli
In Reverse Engineering for Malware Analysis

Big-Data Malware: Preparation and Messaging
Part one of this series of blog posts on the collection and analysis of malware and storage of malware-related data in enterprise systems reviewed practices for collecting malware, storing it, …
• By Brent Frye
In Reverse Engineering for Malware Analysis

Big-Data Malware: Collection and Storage
The growth of big data has affected many fields, including malware analysis. Increased computational power and storage capacities have made it possible for big-data processing systems to handle the increased …
• By Brent Frye
In Reverse Engineering for Malware Analysis
