SpiderPig is a project for performing and visualizing data flow analysis of a selected binary program. It was created to give vulnerability and security researchers a tool that helps trace and analyze any necessary data and its further propagation. Such tasks are often crucial in the vulnerability discovery and identification process and typically require a lot of time-consuming manual work. The following paper discusses the methods and techniques implemented in SpiderPig to perform semi-automatic data flow analysis.
The paper is available here:
http://piotrbania.com/all/spiderpig/pbania-spiderpig2008.pdf
A simple video demo and some other material are available on the project website:
http://piotrbania.com/all/spiderpig/
Big thanks to Matt "skape" Miller and Julien Vanegue!
Dynamic Data Flow Analysis via Virtual Code Integration (aka The SpiderPig case)
Labels:
binary code manipulation,
dataflow,
spiderpig
1 comment:
was wondering when this would be out (: well done piotr. -KL