OpenRCE

📚 OpenRCE is preserved as a read-only archive. Launched at RECon Montreal in 2005. Registration and posting are disabled.

About Articles Book Store Distributed RCE Downloads Event Calendar Forums Live Discussion Reference Library RSS Feeds Search Users What's New

Customize Theme

Flag: Tornado! Hurricane!

Topic created on: April 9, 2009 00:13 CDT by madzone .

I have to do 1 Year full time research for my degree, I am confused what topic should i choose. Recently i submitted my technical paper for "Anti Reversing Techniques" and now i was thinking to extend this topic as

"Anti Reversing Techniques Their Usage in Malware Development and Their Limitations"

What do you say ?

bunn		April 9, 2009 18:27.29 CDT
That's sort of generic, what exactly would you cover? Polymorphic code? Virtual Machines? Architecture or operating system discrepancies? Anti emulation? If I had an opportunity to do this I would go deep into one area that will work in any situation. I'd probably do research on metamorphism or a generic way to heavily obscure binaries in any architecture or operating system. I'd give examples of how metamorphic code would look in x86, then another for ARM, then anything else. IMO just talking about generic anti reversing techniques is done so much these days, I don't see anything complex often.

madzone		April 11, 2009 03:35.44 CDT
I hope i will try to go deep into polymorphism, but don't you think it will become very specific to one type of area for malware. I want to cover something like which should also be helpful in software components not specific to malware only. I want to be more specific toward software industry. I just want to give a idea about how these techniques are also being using in malware , and what is limitation of these techniques so reversers can still disasseble our code. Please Guide me and give me some idea about this. what sould i do. ?

Note: Registration is required to post to the forums.

There are 31,328 total registered users.

Recently Created Topics
[help] Unpacking VMP...	Mar/12
Reverse Engineering ...	Jul/06
let 'IDAPython' impo...	Sep/24
set 'IDAPython' as t...	Sep/24
GuessType return une...	Sep/20
About retrieving the...	Sep/07
How to find specific...	Aug/15
How to get data depe...	Jul/07
Identify RVA data in...	May/06
Question about memor...	Dec/12

Recent Forum Posts
Finding the procedur...	rolEYder
Question about debbu...	rolEYder
Identify RVA data in...	sohlow
let 'IDAPython' impo...	sohlow
How to find specific...	hackgreti
Problem with ollydbg	sh3dow
How can I write olly...	sh3dow
New LoadMAP plugin v...	mefisto...
Intel pin in loaded ...	djnemo
OOP_RE tool available?	Bl4ckm4n

Recent Blog Entries
	halsten	Mar/14
Breaking IonCUBE VM
	oleavr	Oct/24
Anatomy of a code tracer
	hasherezade	Sep/24
IAT Patcher - new tool for ...
	oleavr	Aug/27
CryptoShark: code tracer ba...
	oleavr	Jun/25
Build a debugger in 5 minutes
More ...

Recent Blog Comments
	nieo on:	Mar/22
IAT Patcher - new tool for ...
	djnemo on:	Nov/17
Kernel debugger vs user mod...
	acel on:	Nov/14
Kernel debugger vs user mod...
	pedram on:	Dec/21
frida.github.io: scriptable...
	capadleman on:	Jun/19
Using NtCreateThreadEx for ...
More ...

Imagery

SoySauce Blueprint
Jun 6, 2008

[+] expand

View Gallery (11) / Submit