We were at PHDays!

May 25, 2014

One of our resident developers (xvilka) was at PHDays to give a talk (a fast-track one):

Application of Radare2 Illustrated by Shylock and Snakso.A Analysis

The speaker will present his experience of applying Radare2 — an open-source reverse engineering tool, and illustrate it by the examples of the Windows trojan Shylock and 64-bit Linux malware Snakso.A. The techniques of analysis include both statistical disassembling of the code and its debugging with Radare2.

The fact that radare2 is currently undergoing a massive refactoring of one of its low-layer components added some fun, since we were fixing bugs until a couple of hours before the talk.

We initially wanted to show that radare2 is a reliable tool for reversing malware, but since the presentation had to fit in 15 minutes, the malware turned into a pretext to showcase features.

You can grab the slides here.