Binary Analysis
Binary Analysis tool survey Jul 30 2008 04:08PM
Sanjay R (2sanjayr gmail com) (1 replies)
Re: Binary Analysis tool survey Jul 31 2008 08:38AM
wishi (wishinet googlemail com) (1 replies)
Re: Binary Analysis tool survey Aug 01 2008 02:04PM
Sanjay R (2sanjayr gmail com)
Hi
Thank you to all who have responded. I have taken your inputs.
However, there are a few things that are still missing. As I asked in my
post about the features that should be used to compare or evaluate
analyzers (Wishi provided a few, thanks). For example, how many
analyzers can work with stripped binaries, how many have capabilities
to work with obfuscated code, etc.? More importantly, are there
analyzers that have some warning capabilities from a
security/vulnerability standpoint? So, if you have such features in
mind, it will help me a lot.
thanks a lot
-sanjay

On Thu, Jul 31, 2008 at 2:08 PM, wishi <wishinet (at) googlemail (dot) com> wrote:
> Sanjay R wrote:
>>
>> Hi List:
>> I am starting a state-of-the-art survey in the field of code analysis
>> (methods and tools) with a focus on binary analysis, from a security
>> standpoint. In this regard, I need some input from your experience
>> and knowledge. I am basically looking for:
>> 1. any existing articles along similar lines (though I have got a few by
>> googling).
>> 2. what are the important features that must be considered when
>> assessing binary analysis capabilities of a tool.
>> 3. existing tools (freeware and commercial), so that there can be a
>> comparison in the end.
>>
>> thanking you in anticipation
>> regards
>> sanjay
>>
>>
>
> I think the term is "blackbox" analysis, if you've got no source. If you're
> focusing on source and binary analysis, that's Graybox analysis. The common
> way could be to use an (Interactive) Disassembler, dump the binary, and
> analyze it. The rest is dependent on the OS. There's IDA(Pro), OllyDbg (a
> debugger to locate the functions which are called), SoftICE, there's
> otool(e) for MacOS, maybe you want boomerang, there's gdb. There are some
> commercial disassemblers, too. For whitebox analysis there's lots of stuff.
> To my mind the important feature is speed ;), performance and an organized
> view of the dump. I like IDAPro and DDD.
>
> Greetings,
> wishi
>

--
Computer Security Learner
