icon-carat-right menu search cmu-wordmark

Poster - Improvements to Object Oriented Construct Recovery Using OOAnalyzer

Poster
This poster describes OOAnalyzer, which is now 50x faster and can analyze large programs.
Publisher

Software Engineering Institute

Topic or Tag

Abstract

Object-oriented programs pose many challenges for reverse engineers and malware analysts. C++ classes are complex and hard to analyze at the machine code level. We’ve long sought to simplify the process of reverse engineering object-oriented code by creating tools such as OOAnalyzer, which automatically recovers C++-style classes from executables. OOAnalyzer can export its results to other reverse engineering frameworks, and we’ve enhanced our Pharos Binary Analysis Framework to import OOAnalyzer analysis into the recently released Ghidra, software reverse engineering (SRE) tool suite. Ghidra provides the analyst many useful reverse engineering services, including disassembly, function partitioning, decompilation, and various other types of program analyses.