Understanding the nitty-gritty details of a proprietary network protocol, extrapolating vulnerability details from a binary patch, or simplifying and reproducing obfuscated routines are just a few examples of the reverse engineering challenges successfully executed by our team.
We have years of experience working on x86, x64, ARM, JVM's bytecode and other more. We read and write assembly code and understand how crashes happen.
We have experience dissecting patches and cracking protected binaries to figure out exactly how they work. Native binaries are handled through manual reverse engineering, debugging, and instrumentation.
Mostly through manual study, we are able to determine the functionalities provided by the binaries under examination. Using fuzzing and other dynamic techniques, we elicit unintended behaviors that could be used to subvert the security of a system.
protocols and file
We're passionate about reverse engineering challenges as they provide a unique opportunity to learn how things work under the hood.
Being very familiar with complex protocol designs and file formats, our team can derive formats and specifications from samples. As we've done several times, we can create interoperable implementations of protocols and parsers to be used in both offensive security and software engineering applications.
While reversing activities are tailored to the specific customer's need, we generally kick off these engagements by collecting and categorizing samples of network traffic or files. We manually study the interaction between systems using those protocols and files, and derive the underlying design. Whenever required, we build custom tools to be able to generate or parse those formats and messages. To end, we document all processes and results in a concise but precise report.
- Study and Categorize Unknown Protocols
- Develop Specifications
- Document Field Level Types
- Reproduce Client and Server Pieces
- Document Unknown File Formats
- Reproduction of File Formats from Binary Parsers
- Develop New Parsers for Unknown Formats
- Reproduce Files from Binary Streams
- Document and Modify Integrity (CRC) Checks
- Changing Feature Level Behavior in Binaries
- Reproduction of Source Code from a Binary
- Assessing Strength of DRM Solutions
- Assessing Strength of MDM Solutions
Deobfuscation and Automation
- Creating New and Novel Obfuscation Algorithms
- Automating Behavior
Memory Corruption and Debugging
- Program Instrumentation
- Studying and Patching Vulnerabilities
- Fuzzer Development
- Binary and Low Level Language Code Audits
our research articles
Research is one of our founding principles and we invest in it heavily. All of our researchers have the privilege to use %25 of their time exclusively for self-directed research.show more publications