Overview
Learn a powerful methodology for efficiently analyzing binaries with unknown functions in this DEF CON 32 conference talk. Discover how to overcome the challenge of reverse engineering files lacking function signatures by creating and utilizing portable symbols, FunctionID, and BSim databases. Master techniques demonstrated through Golang-based qBit malware examples that can be applied to any binary type using Ghidra or other industry tools. Explore practical approaches to significantly reduce analysis time when faced with hundreds or thousands of unidentified functions, making reverse engineering more manageable and effective. Gain insights into scaling this methodology across analyst teams, creating a collaborative environment where shared symbol databases multiply the benefits. Access accompanying resources including scripts, databases, and a comprehensive Golang symbol dataset to immediately implement these techniques in your own reverse engineering practice.
Syllabus
DEF CON 32 - No Symbols When Reversing? No Problem: Bring Your Own - Max ‘Libra’ Kersten
Taught by
DEFCONConference