Workshop Material on VM-based Deobfuscation

Oct 01, 2021 1 min read

Analysis of Virtualization-based Obfuscation

This repository contains slides, samples and code of the 4h code deobfuscation workshop at r2con2021. We give a brief introduction into virtualization-based obfuscation and manually analyze a simple VM generated by Tigress. Afterward, we use symbolic execution to automate the analysis and write a dynamic VM disassembler that is based on Miasm.

The recording is available here.

Installation

# on debian/ubuntu based systems:
sudo apt-get install python-dev

# clone repository and init submodules
git clone https://github.com/mrphrazer/r2con2021_deobfuscation.git
cd r2con2021_deobfuscation
git submodule update --init --rebase --recursive

# install miasm
cd miasm
pip install -r requirements.txt
pip install .
cd ..

Contact

For more information, contact Tim Blazytko (@mr_phrazer).

GitHub

https://github.com/mrphrazer/r2con2021_deobfuscation

Reversing Deobfuscation

John was the first writer to have joined pythonawesome.com. He has since then inculcated very effective writing and reviewing culture at pythonawesome which rivals have found impossible to imitate.

Workshop Material on VM-based Deobfuscation

Analysis of Virtualization-based Obfuscation

Installation

Contact

GitHub

John

Azure AD Authentication for FastAPI apps made easy

Brute force attack tool for Azure AD Autologon/Seamless SSO

Analysis of Virtualization-based Obfuscation

Installation

Contact

GitHub

Azure AD Authentication for FastAPI apps made easy

Brute force attack tool for Azure AD Autologon/Seamless SSO

You might also like...