
Subject: Reverse Engineering

Using OOAnalyzer to Reverse Engineer Object Oriented Code with Ghidra

• SEI Blog
Jeffrey Gennari

Object-oriented programs continue to pose many challenges for reverse engineers and malware analysts. C++ classes tend to result in complex arrangements of assembly instructions and sophisticated data structures that are hard to analyze at the machine code level. We've long sought to simplify the process of reverse engineering object-oriented code by creating tools, such as OOAnalyzer, which automatically recovers C++-style classes from executables. OOAnalyzer includes utilities to import OOAnalyzer results into other reverse engineering frameworks,...

Path Finding in Malicious Binaries: First in a Series

• SEI Blog
Jeffrey Gennari

In a previous post, I discussed the Pharos Binary Analysis Framework and tools to support reverse engineering of binaries with a focus on malicious code analysis. Recall that Pharos is a framework created by our CERT team that builds upon the ROSE compiler infrastructure developed by Lawrence Livermore National Laboratory. ROSE provides a number of facilities for binary analysis including disassembly, control flow analysis, instruction semantics, and more. Pharos uses these features to automate common...
