Learn to combat modern software protection techniques through an automated framework that tackles complex virtualization-based obfuscation in this DEF CON 33 conference talk. Discover how DragonSlayer combines symbolic execution with fine-grained dynamic taint tracking to systematically lift obfuscated bytecode from sophisticated protectors like VMProtect, Themida, and custom solutions that traditionally hinder static and dynamic analysis. Explore the methodology for precisely identifying VM handlers, recovering original instruction semantics, automatically unpacking multiple virtualization layers, and reconstructing analyzable representations of protected code. Examine real-world case studies demonstrating the framework's effectiveness against the latest commercial VM protectors and custom obfuscation solutions, showcasing how analysis time can be reduced from weeks to hours. Gain insights into technical deep-dives covering the approach's implementation, witness live demonstrations of the tooling in action, and understand how reverse engineers can leverage these techniques to overcome virtualization-based protection mechanisms that act as significant barriers in malware analysis and software reverse engineering.