Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Learn to defeat sophisticated .NET malware obfuscation techniques using profiler-based dynamic binary instrumentation in this conference talk from Recon 2025. Discover how traditional static deobfuscation methods fail against modern protections that include runtime integrity checks, and explore a revolutionary framework that leverages .NET profilers to perform dynamic binary instrumentation at the MSIL level. Master techniques to bypass dynamic checks in obfuscation schemes, extract encrypted strings, and trace execution flows without modifying the original binary. Examine real-world case studies demonstrating how this approach overcomes the limitations of conventional analysis methods when dealing with obfuscated .NET malware. Gain practical insights through live demonstrations showing how reverse engineers can apply this powerful new methodology to analyze increasingly sophisticated malware that exploits .NET's development ease and stability while employing advanced obfuscation to evade detection.
