Reverse Engineering Object-Oriented Code with Ghidra and New Pharos Tools
Software Engineering Institute
Object-oriented programs continue to pose many challenges for reverse engineers and malware analysts. C++ classes tend to result in complex arrangements of assembly instructions and sophisticated data structures that are hard to analyze at the machine code level. At the SEI, we have long sought to simplify the process of reverse engineering object-oriented code by creating tools, such as OOAnalyzer, which automatically recover C++-style classes from executables.
OOAnalyzer includes utilities to import OOAnalyzer results into other reverse engineering frameworks, such as the IDA Pro Disassembler. In this podcast, Jeff Gennari and Cory Cohen discuss updates to the Pharos Binary Analysis Framework on GitHub, including a new plug-in to import OOAnalyzer analysis into the NSA's recently released Ghidra software reverse engineering tool suite.
About the Speaker