SlideShare una empresa de Scribd logo

Sebastian Porst - Reverse-Engineering Flash Files with SWFRETools

Descargar como PPTX, PDF
Source Conference
Source Conference
EmpresarialesTecnología
1 de 43
Reverse-Engineering Flash Files with SWFRETools Sebastian Porst (sp@porst.tv) – SOURCE Boston 2011
About Me 2
Current Work 3
What this talk is about Ship it! 4
What this talk is not about 5
Why is this relevant? 6
SWF Files: An Overview Header Tag 1 Tag 2 Tag 3 Tag 4 … Tag n 7
SWF Files: Interesting Aspects 8
Existing Tools SWFTools Flash Dump Decompiler swfmill Sothink SWF Decompiler 9
Problems with existing tools SWFTools Flash Dump Decompiler Crashes Old Limited Wrong tool swfmill Sothink SWF Decompiler 10
Introducing SWFRETools 11
Goals 12
Architecture 13
Tool I: The Parser 14
Parser Goals 15
Workflow Intermezzo I 16
Tool 2: Flash Dissector 17
Flash Dissector Goals 18
Flash Dissector Demo 19
Weaknesses of Flash Dissector 20
Flash Dissector Future 21
Workflow Intermezzo II 22
Static analysis vs Dynamic analysis 23
Detour: Flash Player Debugger 24
Detour: Flash Player Debugger 25
Tool III: Tracer/Debugger 26
Tracer Implementation 27
Last week in China 28
Last week in China 29
Tracer Plans 30
Workflow Intermezzo III 31
Minimizing sample files 32
Minimizing files without templates 33
Do not forget RETURN 34 Function A Function B Crash here
Tool IV: Minimizer 35
Automated minimizing 36
Minimizer Goals 37
Off to GitHub we go! Shipped! https://github.com/sporst 38
Call for participation 39
Summary 40
Thank you! 41 ?
Let me help … 42
Image Credits http://www.flickr.com/photos/markchadwick/4592186576/ 43

Recomendados

Script
ScriptScript
ScriptDavid Evans
 
How To Open Source
How To Open SourceHow To Open Source
How To Open SourceLucas Lira Gomes
 
Hack Day EU 2011 YQL
Hack Day EU 2011 YQLHack Day EU 2011 YQL
Hack Day EU 2011 YQLJonathan LeBlanc
 
Hack with YUI
Hack with YUIHack with YUI
Hack with YUILuke Smith
 
Million Browser Botnet
Million Browser BotnetMillion Browser Botnet
Million Browser BotnetSource Conference
 
Travis Goodspeed - Not Quite ZigBee
Travis Goodspeed - Not Quite ZigBeeTravis Goodspeed - Not Quite ZigBee
Travis Goodspeed - Not Quite ZigBeeSource Conference
 
Reputation Digital Vaccine: Reinventing Internet Blacklists
Reputation Digital Vaccine: Reinventing Internet BlacklistsReputation Digital Vaccine: Reinventing Internet Blacklists
Reputation Digital Vaccine: Reinventing Internet BlacklistsSource Conference
 
Yahoo BOSS Presentation London Open Hack Day Talk Boss
Yahoo BOSS Presentation London Open Hack Day Talk BossYahoo BOSS Presentation London Open Hack Day Talk Boss
Yahoo BOSS Presentation London Open Hack Day Talk BossKorben00
 

Recomendados

Script
ScriptScript
ScriptDavid Evans
 
How To Open Source
How To Open SourceHow To Open Source
How To Open SourceLucas Lira Gomes
 
Hack Day EU 2011 YQL
Hack Day EU 2011 YQLHack Day EU 2011 YQL
Hack Day EU 2011 YQLJonathan LeBlanc
 
Hack with YUI
Hack with YUIHack with YUI
Hack with YUILuke Smith
 
Million Browser Botnet
Million Browser BotnetMillion Browser Botnet
Million Browser BotnetSource Conference
 
Travis Goodspeed - Not Quite ZigBee
Travis Goodspeed - Not Quite ZigBeeTravis Goodspeed - Not Quite ZigBee
Travis Goodspeed - Not Quite ZigBeeSource Conference
 
Reputation Digital Vaccine: Reinventing Internet Blacklists
Reputation Digital Vaccine: Reinventing Internet BlacklistsReputation Digital Vaccine: Reinventing Internet Blacklists
Reputation Digital Vaccine: Reinventing Internet BlacklistsSource Conference
 
Yahoo BOSS Presentation London Open Hack Day Talk Boss
Yahoo BOSS Presentation London Open Hack Day Talk BossYahoo BOSS Presentation London Open Hack Day Talk Boss
Yahoo BOSS Presentation London Open Hack Day Talk BossKorben00
 
YQL - Christian Heilmann Open Hack London presentation
YQL - Christian Heilmann Open Hack London presentationYQL - Christian Heilmann Open Hack London presentation
YQL - Christian Heilmann Open Hack London presentationKorben00
 
Conférence Net Neutrality
Conférence Net NeutralityConférence Net Neutrality
Conférence Net NeutralityKorben00
 
Kaspersky endpoint security 8 для windows и kaspersky security center. лиценз...
Kaspersky endpoint security 8 для windows и kaspersky security center. лиценз...Kaspersky endpoint security 8 для windows и kaspersky security center. лиценз...
Kaspersky endpoint security 8 для windows и kaspersky security center. лиценз...Expolink
 
Positive Hack Days. Олексюк. Автоматический поиск уязвимостей в программах бе...
Positive Hack Days. Олексюк. Автоматический поиск уязвимостей в программах бе...Positive Hack Days. Олексюк. Автоматический поиск уязвимостей в программах бе...
Positive Hack Days. Олексюк. Автоматический поиск уязвимостей в программах бе...Positive Hack Days
 
Проведение сертификационных испытаний на отсутствие НДВ. Можно ли найти НДВ?
Проведение сертификационных испытаний на отсутствие НДВ. Можно ли найти НДВ?Проведение сертификационных испытаний на отсутствие НДВ. Можно ли найти НДВ?
Проведение сертификационных испытаний на отсутствие НДВ. Можно ли найти НДВ?Учебный центр "Эшелон"
 
Автоматический поиск уязвимостей в программах без исходных текстов
Автоматический поиск уязвимостей в программах без исходных текстовАвтоматический поиск уязвимостей в программах без исходных текстов
Автоматический поиск уязвимостей в программах без исходных текстовd_olex
 
Бинарные уязвимости и эксплойты: технологии и перспективы
Бинарные уязвимости и эксплойты: технологии и перспективыБинарные уязвимости и эксплойты: технологии и перспективы
Бинарные уязвимости и эксплойты: технологии и перспективыd_olex
 
David Snead - Nailing Down Security Regulations
David Snead - Nailing Down Security RegulationsDavid Snead - Nailing Down Security Regulations
David Snead - Nailing Down Security RegulationsSource Conference
 
Непрерывный анализ качества кода с помощью SonarQube
Непрерывный анализ качества кода с помощью SonarQubeНепрерывный анализ качества кода с помощью SonarQube
Непрерывный анализ качества кода с помощью SonarQubeVasilii Chernov
 
Double Dog Dare
Double Dog Dare Double Dog Dare
Double Dog Dare halffast
 
I want the next generation web here SPDY QUIC
I want the next generation web here SPDY QUICI want the next generation web here SPDY QUIC
I want the next generation web here SPDY QUICSource Conference
 
iBanking - a botnet on Android
iBanking - a botnet on AndroidiBanking - a botnet on Android
iBanking - a botnet on AndroidSource Conference
 
Контроль уязвимостей в программных приложениях
Контроль уязвимостей в программных приложенияхКонтроль уязвимостей в программных приложениях
Контроль уязвимостей в программных приложенияхjet_information_security
 
Non-Blocking Strategies for FFI
Non-Blocking Strategies for FFI Non-Blocking Strategies for FFI
Non-Blocking Strategies for FFIESUG
 
Using FlexUnit 4 with Flash CS5
Using FlexUnit 4 with Flash CS5Using FlexUnit 4 with Flash CS5
Using FlexUnit 4 with Flash CS5Ben Schmidtke III
 
[Rakuten TechConf2014] [E-4] Rakuten Front-end Framework Project
[Rakuten TechConf2014] [E-4] Rakuten Front-end Framework Project[Rakuten TechConf2014] [E-4] Rakuten Front-end Framework Project
[Rakuten TechConf2014] [E-4] Rakuten Front-end Framework ProjectRakuten Group, Inc.
 
How to play basketball with a soccer team? - Make IC development more agile
How to play basketball with a soccer team? - Make IC development more agileHow to play basketball with a soccer team? - Make IC development more agile
How to play basketball with a soccer team? - Make IC development more agileTobias Leisgang
 
Improving the Pharo VM
Improving the Pharo VMImproving the Pharo VM
Improving the Pharo VMFAST
 
Schizophrenic files
Schizophrenic filesSchizophrenic files
Schizophrenic filesAnge Albertini
 
Ange Albertini and Gynvael Coldwind: Schizophrenic Files – A file that thinks...
Ange Albertini and Gynvael Coldwind: Schizophrenic Files – A file that thinks...Ange Albertini and Gynvael Coldwind: Schizophrenic Files – A file that thinks...
Ange Albertini and Gynvael Coldwind: Schizophrenic Files – A file that thinks...Area41
 
Am\I\Doing\It\Right? Struktura plików w PHP
Am\I\Doing\It\Right? Struktura plików w PHPAm\I\Doing\It\Right? Struktura plików w PHP
Am\I\Doing\It\Right? Struktura plików w PHPThe Software House
 
What is (not) Pharo 8?
What is (not) Pharo 8?What is (not) Pharo 8?
What is (not) Pharo 8?FAST
 

Más contenido relacionado

Destacado

YQL - Christian Heilmann Open Hack London presentation
YQL - Christian Heilmann Open Hack London presentationYQL - Christian Heilmann Open Hack London presentation
YQL - Christian Heilmann Open Hack London presentationKorben00
 
Conférence Net Neutrality
Conférence Net NeutralityConférence Net Neutrality
Conférence Net NeutralityKorben00
 
Kaspersky endpoint security 8 для windows и kaspersky security center. лиценз...
Kaspersky endpoint security 8 для windows и kaspersky security center. лиценз...Kaspersky endpoint security 8 для windows и kaspersky security center. лиценз...
Kaspersky endpoint security 8 для windows и kaspersky security center. лиценз...Expolink
 
Positive Hack Days. Олексюк. Автоматический поиск уязвимостей в программах бе...
Positive Hack Days. Олексюк. Автоматический поиск уязвимостей в программах бе...Positive Hack Days. Олексюк. Автоматический поиск уязвимостей в программах бе...
Positive Hack Days. Олексюк. Автоматический поиск уязвимостей в программах бе...Positive Hack Days
 
Проведение сертификационных испытаний на отсутствие НДВ. Можно ли найти НДВ?
Проведение сертификационных испытаний на отсутствие НДВ. Можно ли найти НДВ?Проведение сертификационных испытаний на отсутствие НДВ. Можно ли найти НДВ?
Проведение сертификационных испытаний на отсутствие НДВ. Можно ли найти НДВ?Учебный центр "Эшелон"
 
Автоматический поиск уязвимостей в программах без исходных текстов
Автоматический поиск уязвимостей в программах без исходных текстовАвтоматический поиск уязвимостей в программах без исходных текстов
Автоматический поиск уязвимостей в программах без исходных текстовd_olex
 
Бинарные уязвимости и эксплойты: технологии и перспективы
Бинарные уязвимости и эксплойты: технологии и перспективыБинарные уязвимости и эксплойты: технологии и перспективы
Бинарные уязвимости и эксплойты: технологии и перспективыd_olex
 
David Snead - Nailing Down Security Regulations
David Snead - Nailing Down Security RegulationsDavid Snead - Nailing Down Security Regulations
David Snead - Nailing Down Security RegulationsSource Conference
 
Непрерывный анализ качества кода с помощью SonarQube
Непрерывный анализ качества кода с помощью SonarQubeНепрерывный анализ качества кода с помощью SonarQube
Непрерывный анализ качества кода с помощью SonarQubeVasilii Chernov
 
Double Dog Dare
Double Dog Dare Double Dog Dare
Double Dog Dare halffast
 
I want the next generation web here SPDY QUIC
I want the next generation web here SPDY QUICI want the next generation web here SPDY QUIC
I want the next generation web here SPDY QUICSource Conference
 
iBanking - a botnet on Android
iBanking - a botnet on AndroidiBanking - a botnet on Android
iBanking - a botnet on AndroidSource Conference
 
Контроль уязвимостей в программных приложениях
Контроль уязвимостей в программных приложенияхКонтроль уязвимостей в программных приложениях
Контроль уязвимостей в программных приложенияхjet_information_security
 

Destacado (13)

YQL - Christian Heilmann Open Hack London presentation
YQL - Christian Heilmann Open Hack London presentationYQL - Christian Heilmann Open Hack London presentation
YQL - Christian Heilmann Open Hack London presentation
 
Conférence Net Neutrality
Conférence Net NeutralityConférence Net Neutrality
Conférence Net Neutrality
 
Kaspersky endpoint security 8 для windows и kaspersky security center. лиценз...
Kaspersky endpoint security 8 для windows и kaspersky security center. лиценз...Kaspersky endpoint security 8 для windows и kaspersky security center. лиценз...
Kaspersky endpoint security 8 для windows и kaspersky security center. лиценз...
 
Positive Hack Days. Олексюк. Автоматический поиск уязвимостей в программах бе...
Positive Hack Days. Олексюк. Автоматический поиск уязвимостей в программах бе...Positive Hack Days. Олексюк. Автоматический поиск уязвимостей в программах бе...
Positive Hack Days. Олексюк. Автоматический поиск уязвимостей в программах бе...
 
Проведение сертификационных испытаний на отсутствие НДВ. Можно ли найти НДВ?
Проведение сертификационных испытаний на отсутствие НДВ. Можно ли найти НДВ?Проведение сертификационных испытаний на отсутствие НДВ. Можно ли найти НДВ?
Проведение сертификационных испытаний на отсутствие НДВ. Можно ли найти НДВ?
 
Автоматический поиск уязвимостей в программах без исходных текстов
Автоматический поиск уязвимостей в программах без исходных текстовАвтоматический поиск уязвимостей в программах без исходных текстов
Автоматический поиск уязвимостей в программах без исходных текстов
 
Бинарные уязвимости и эксплойты: технологии и перспективы
Бинарные уязвимости и эксплойты: технологии и перспективыБинарные уязвимости и эксплойты: технологии и перспективы
Бинарные уязвимости и эксплойты: технологии и перспективы
 
David Snead - Nailing Down Security Regulations
David Snead - Nailing Down Security RegulationsDavid Snead - Nailing Down Security Regulations
David Snead - Nailing Down Security Regulations
 
Непрерывный анализ качества кода с помощью SonarQube
Непрерывный анализ качества кода с помощью SonarQubeНепрерывный анализ качества кода с помощью SonarQube
Непрерывный анализ качества кода с помощью SonarQube
 
Double Dog Dare
Double Dog Dare Double Dog Dare
Double Dog Dare
 
I want the next generation web here SPDY QUIC
I want the next generation web here SPDY QUICI want the next generation web here SPDY QUIC
I want the next generation web here SPDY QUIC
 
iBanking - a botnet on Android
iBanking - a botnet on AndroidiBanking - a botnet on Android
iBanking - a botnet on Android
 
Контроль уязвимостей в программных приложениях
Контроль уязвимостей в программных приложенияхКонтроль уязвимостей в программных приложениях
Контроль уязвимостей в программных приложениях
 

Similar a Sebastian Porst - Reverse-Engineering Flash Files with SWFRETools

Non-Blocking Strategies for FFI
Non-Blocking Strategies for FFI Non-Blocking Strategies for FFI
Non-Blocking Strategies for FFIESUG
 
Using FlexUnit 4 with Flash CS5
Using FlexUnit 4 with Flash CS5Using FlexUnit 4 with Flash CS5
Using FlexUnit 4 with Flash CS5Ben Schmidtke III
 
[Rakuten TechConf2014] [E-4] Rakuten Front-end Framework Project
[Rakuten TechConf2014] [E-4] Rakuten Front-end Framework Project[Rakuten TechConf2014] [E-4] Rakuten Front-end Framework Project
[Rakuten TechConf2014] [E-4] Rakuten Front-end Framework ProjectRakuten Group, Inc.
 
How to play basketball with a soccer team? - Make IC development more agile
How to play basketball with a soccer team? - Make IC development more agileHow to play basketball with a soccer team? - Make IC development more agile
How to play basketball with a soccer team? - Make IC development more agileTobias Leisgang
 
Improving the Pharo VM
Improving the Pharo VMImproving the Pharo VM
Improving the Pharo VMFAST
 
Ange Albertini and Gynvael Coldwind: Schizophrenic Files – A file that thinks...
Ange Albertini and Gynvael Coldwind: Schizophrenic Files – A file that thinks...Ange Albertini and Gynvael Coldwind: Schizophrenic Files – A file that thinks...
Ange Albertini and Gynvael Coldwind: Schizophrenic Files – A file that thinks...Area41
 
Am\I\Doing\It\Right? Struktura plików w PHP
Am\I\Doing\It\Right? Struktura plików w PHPAm\I\Doing\It\Right? Struktura plików w PHP
Am\I\Doing\It\Right? Struktura plików w PHPThe Software House
 
What is (not) Pharo 8?
What is (not) Pharo 8?What is (not) Pharo 8?
What is (not) Pharo 8?FAST
 
Visual Studio 2010 for SharePoint Developers
Visual Studio 2010 for SharePoint DevelopersVisual Studio 2010 for SharePoint Developers
Visual Studio 2010 for SharePoint Developersosullish
 
Introduction to Plone (November 2003)
Introduction to Plone (November 2003)Introduction to Plone (November 2003)
Introduction to Plone (November 2003)Kiran Jonnalagadda
 
Open source is for life, not just for Christmas
Open source is for life, not just for ChristmasOpen source is for life, not just for Christmas
Open source is for life, not just for ChristmasRichard Lord
 
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...Shane Coughlan
 
“State of the Tooling” in Open Source Automation
“State of the Tooling” in Open Source Automation“State of the Tooling” in Open Source Automation
“State of the Tooling” in Open Source AutomationShane Coughlan
 
Apache Software Foundation: How To Contribute, with Apache Flink as Example (...
Apache Software Foundation: How To Contribute, with Apache Flink as Example (...Apache Software Foundation: How To Contribute, with Apache Flink as Example (...
Apache Software Foundation: How To Contribute, with Apache Flink as Example (...Apache Flink Taiwan User Group
 
Workshop: Introduction to Web Components & Polymer
Workshop: Introduction to Web Components & Polymer Workshop: Introduction to Web Components & Polymer
Workshop: Introduction to Web Components & Polymer John Riviello
 
Developing rich multimedia applications with FI-WARE.
Developing rich multimedia applications with FI-WARE.Developing rich multimedia applications with FI-WARE.
Developing rich multimedia applications with FI-WARE.Luis Lopez
 
PyCon TW 2017 - Why do projects fail? Let's talk about the story of Sinon.PY
PyCon TW 2017 - Why do projects fail? Let's talk about the story of Sinon.PYPyCon TW 2017 - Why do projects fail? Let's talk about the story of Sinon.PY
PyCon TW 2017 - Why do projects fail? Let's talk about the story of Sinon.PYKir Chou
 
OSDF 2013 - Autopsy 3: Extensible Desktop Forensics by Brian Carrier
OSDF 2013 - Autopsy 3: Extensible Desktop Forensics by Brian CarrierOSDF 2013 - Autopsy 3: Extensible Desktop Forensics by Brian Carrier
OSDF 2013 - Autopsy 3: Extensible Desktop Forensics by Brian CarrierBasis Technology
 

Similar a Sebastian Porst - Reverse-Engineering Flash Files with SWFRETools (20)

Non-Blocking Strategies for FFI
Non-Blocking Strategies for FFI Non-Blocking Strategies for FFI
Non-Blocking Strategies for FFI
 
Using FlexUnit 4 with Flash CS5
Using FlexUnit 4 with Flash CS5Using FlexUnit 4 with Flash CS5
Using FlexUnit 4 with Flash CS5
 
[Rakuten TechConf2014] [E-4] Rakuten Front-end Framework Project
[Rakuten TechConf2014] [E-4] Rakuten Front-end Framework Project[Rakuten TechConf2014] [E-4] Rakuten Front-end Framework Project
[Rakuten TechConf2014] [E-4] Rakuten Front-end Framework Project
 
How to play basketball with a soccer team? - Make IC development more agile
How to play basketball with a soccer team? - Make IC development more agileHow to play basketball with a soccer team? - Make IC development more agile
How to play basketball with a soccer team? - Make IC development more agile
 
Improving the Pharo VM
Improving the Pharo VMImproving the Pharo VM
Improving the Pharo VM
 
Schizophrenic files
Schizophrenic filesSchizophrenic files
Schizophrenic files
 
Ange Albertini and Gynvael Coldwind: Schizophrenic Files – A file that thinks...
Ange Albertini and Gynvael Coldwind: Schizophrenic Files – A file that thinks...Ange Albertini and Gynvael Coldwind: Schizophrenic Files – A file that thinks...
Ange Albertini and Gynvael Coldwind: Schizophrenic Files – A file that thinks...
 
Am\I\Doing\It\Right? Struktura plików w PHP
Am\I\Doing\It\Right? Struktura plików w PHPAm\I\Doing\It\Right? Struktura plików w PHP
Am\I\Doing\It\Right? Struktura plików w PHP
 
What is (not) Pharo 8?
What is (not) Pharo 8?What is (not) Pharo 8?
What is (not) Pharo 8?
 
Visual Studio 2010 for SharePoint Developers
Visual Studio 2010 for SharePoint DevelopersVisual Studio 2010 for SharePoint Developers
Visual Studio 2010 for SharePoint Developers
 
Introduction to Plone (November 2003)
Introduction to Plone (November 2003)Introduction to Plone (November 2003)
Introduction to Plone (November 2003)
 
Open source is for life, not just for Christmas
Open source is for life, not just for ChristmasOpen source is for life, not just for Christmas
Open source is for life, not just for Christmas
 
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
 
“State of the Tooling” in Open Source Automation
“State of the Tooling” in Open Source Automation“State of the Tooling” in Open Source Automation
“State of the Tooling” in Open Source Automation
 
Apache Software Foundation: How To Contribute, with Apache Flink as Example (...
Apache Software Foundation: How To Contribute, with Apache Flink as Example (...Apache Software Foundation: How To Contribute, with Apache Flink as Example (...
Apache Software Foundation: How To Contribute, with Apache Flink as Example (...
 
Workshop: Introduction to Web Components & Polymer
Workshop: Introduction to Web Components & Polymer Workshop: Introduction to Web Components & Polymer
Workshop: Introduction to Web Components & Polymer
 
Developing rich multimedia applications with FI-WARE.
Developing rich multimedia applications with FI-WARE.Developing rich multimedia applications with FI-WARE.
Developing rich multimedia applications with FI-WARE.
 
PyCon TW 2017 - Why do projects fail? Let's talk about the story of Sinon.PY
PyCon TW 2017 - Why do projects fail? Let's talk about the story of Sinon.PYPyCon TW 2017 - Why do projects fail? Let's talk about the story of Sinon.PY
PyCon TW 2017 - Why do projects fail? Let's talk about the story of Sinon.PY
 
FTC6 Jean-Emmanuel Rodriguez welcome Frogans Technology 6 2016/02/16
FTC6 Jean-Emmanuel Rodriguez welcome Frogans Technology 6 2016/02/16FTC6 Jean-Emmanuel Rodriguez welcome Frogans Technology 6 2016/02/16
FTC6 Jean-Emmanuel Rodriguez welcome Frogans Technology 6 2016/02/16
 
OSDF 2013 - Autopsy 3: Extensible Desktop Forensics by Brian Carrier
OSDF 2013 - Autopsy 3: Extensible Desktop Forensics by Brian CarrierOSDF 2013 - Autopsy 3: Extensible Desktop Forensics by Brian Carrier
OSDF 2013 - Autopsy 3: Extensible Desktop Forensics by Brian Carrier
 

Más de Source Conference

From DNA Sequence Variation to .NET Bits and Bobs
From DNA Sequence Variation to .NET Bits and BobsFrom DNA Sequence Variation to .NET Bits and Bobs
From DNA Sequence Variation to .NET Bits and BobsSource Conference
 
Extracting Forensic Information From Zeus Derivatives
Extracting Forensic Information From Zeus DerivativesExtracting Forensic Information From Zeus Derivatives
Extracting Forensic Information From Zeus DerivativesSource Conference
 
How to Like Social Media Network Security
How to Like Social Media Network SecurityHow to Like Social Media Network Security
How to Like Social Media Network SecuritySource Conference
 
Wfuzz para Penetration Testers
Wfuzz para Penetration TestersWfuzz para Penetration Testers
Wfuzz para Penetration TestersSource Conference
 
Security Goodness with Ruby on Rails
Security Goodness with Ruby on RailsSecurity Goodness with Ruby on Rails
Security Goodness with Ruby on RailsSource Conference
 
Securty Testing For RESTful Applications
Securty Testing For RESTful ApplicationsSecurty Testing For RESTful Applications
Securty Testing For RESTful ApplicationsSource Conference
 
Men in the Server Meet the Man in the Browser
Men in the Server Meet the Man in the BrowserMen in the Server Meet the Man in the Browser
Men in the Server Meet the Man in the BrowserSource Conference
 
Advanced Data Exfiltration The Way Q Would Have Done It
Advanced Data Exfiltration The Way Q Would Have Done ItAdvanced Data Exfiltration The Way Q Would Have Done It
Advanced Data Exfiltration The Way Q Would Have Done ItSource Conference
 
Adapting To The Age Of Anonymous
Adapting To The Age Of AnonymousAdapting To The Age Of Anonymous
Adapting To The Age Of AnonymousSource Conference
 
Are Agile And Secure Development Mutually Exclusive?
Are Agile And Secure Development Mutually Exclusive?Are Agile And Secure Development Mutually Exclusive?
Are Agile And Secure Development Mutually Exclusive?Source Conference
 
Advanced (persistent) binary planting
Advanced (persistent) binary plantingAdvanced (persistent) binary planting
Advanced (persistent) binary plantingSource Conference
 
Legal/technical strategies addressing data risks as perimeter shifts to Cloud
Legal/technical strategies addressing data risks as perimeter shifts to CloudLegal/technical strategies addressing data risks as perimeter shifts to Cloud
Legal/technical strategies addressing data risks as perimeter shifts to CloudSource Conference
 
Who should the security team hire next?
Who should the security team hire next?Who should the security team hire next?
Who should the security team hire next?Source Conference
 
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime LawThe Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime LawSource Conference
 
How To: Find The Right Amount Of Security Spend
How To: Find The Right Amount Of Security SpendHow To: Find The Right Amount Of Security Spend
How To: Find The Right Amount Of Security SpendSource Conference
 
Everything you should already know about MS-SQL post-exploitation
Everything you should already know about MS-SQL post-exploitationEverything you should already know about MS-SQL post-exploitation
Everything you should already know about MS-SQL post-exploitationSource Conference
 
Threat Modeling: Best Practices
Threat Modeling: Best PracticesThreat Modeling: Best Practices
Threat Modeling: Best PracticesSource Conference
 

Más de Source Conference (20)

From DNA Sequence Variation to .NET Bits and Bobs
From DNA Sequence Variation to .NET Bits and BobsFrom DNA Sequence Variation to .NET Bits and Bobs
From DNA Sequence Variation to .NET Bits and Bobs
 
Extracting Forensic Information From Zeus Derivatives
Extracting Forensic Information From Zeus DerivativesExtracting Forensic Information From Zeus Derivatives
Extracting Forensic Information From Zeus Derivatives
 
How to Like Social Media Network Security
How to Like Social Media Network SecurityHow to Like Social Media Network Security
How to Like Social Media Network Security
 
Wfuzz para Penetration Testers
Wfuzz para Penetration TestersWfuzz para Penetration Testers
Wfuzz para Penetration Testers
 
Security Goodness with Ruby on Rails
Security Goodness with Ruby on RailsSecurity Goodness with Ruby on Rails
Security Goodness with Ruby on Rails
 
Securty Testing For RESTful Applications
Securty Testing For RESTful ApplicationsSecurty Testing For RESTful Applications
Securty Testing For RESTful Applications
 
Esteganografia
EsteganografiaEsteganografia
Esteganografia
 
Men in the Server Meet the Man in the Browser
Men in the Server Meet the Man in the BrowserMen in the Server Meet the Man in the Browser
Men in the Server Meet the Man in the Browser
 
Advanced Data Exfiltration The Way Q Would Have Done It
Advanced Data Exfiltration The Way Q Would Have Done ItAdvanced Data Exfiltration The Way Q Would Have Done It
Advanced Data Exfiltration The Way Q Would Have Done It
 
Adapting To The Age Of Anonymous
Adapting To The Age Of AnonymousAdapting To The Age Of Anonymous
Adapting To The Age Of Anonymous
 
Are Agile And Secure Development Mutually Exclusive?
Are Agile And Secure Development Mutually Exclusive?Are Agile And Secure Development Mutually Exclusive?
Are Agile And Secure Development Mutually Exclusive?
 
Advanced (persistent) binary planting
Advanced (persistent) binary plantingAdvanced (persistent) binary planting
Advanced (persistent) binary planting
 
Legal/technical strategies addressing data risks as perimeter shifts to Cloud
Legal/technical strategies addressing data risks as perimeter shifts to CloudLegal/technical strategies addressing data risks as perimeter shifts to Cloud
Legal/technical strategies addressing data risks as perimeter shifts to Cloud
 
Who should the security team hire next?
Who should the security team hire next?Who should the security team hire next?
Who should the security team hire next?
 
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime LawThe Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
 
JSF Security
JSF SecurityJSF Security
JSF Security
 
How To: Find The Right Amount Of Security Spend
How To: Find The Right Amount Of Security SpendHow To: Find The Right Amount Of Security Spend
How To: Find The Right Amount Of Security Spend
 
Everything you should already know about MS-SQL post-exploitation
Everything you should already know about MS-SQL post-exploitationEverything you should already know about MS-SQL post-exploitation
Everything you should already know about MS-SQL post-exploitation
 
Keynote
KeynoteKeynote
Keynote
 
Threat Modeling: Best Practices
Threat Modeling: Best PracticesThreat Modeling: Best Practices
Threat Modeling: Best Practices
 

Último

Planetary and Vedic Yagyas Bring Positive Impacts in Life
Planetary and Vedic Yagyas Bring Positive Impacts in LifePlanetary and Vedic Yagyas Bring Positive Impacts in Life
Planetary and Vedic Yagyas Bring Positive Impacts in LifeBhavana Pujan Kendra
 
Environmental Impact Of Rotary Screw Compressors
Environmental Impact Of Rotary Screw CompressorsEnvironmental Impact Of Rotary Screw Compressors
Environmental Impact Of Rotary Screw Compressorselgieurope
 
How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...
How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...
How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...Hector Del Castillo, CPM, CPMM
 
Types of Cyberattacks - ASG I.T. Consulting.pdf
Types of Cyberattacks - ASG I.T. Consulting.pdfTypes of Cyberattacks - ASG I.T. Consulting.pdf
Types of Cyberattacks - ASG I.T. Consulting.pdfASGITConsulting
 
Jewish Resources in the Family Resource Centre
Jewish Resources in the Family Resource CentreJewish Resources in the Family Resource Centre
Jewish Resources in the Family Resource CentreNZSG
 
TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024Adnet Communications
 
Cyber Security Training in Office Environment
Cyber Security Training in Office EnvironmentCyber Security Training in Office Environment
Cyber Security Training in Office Environmentelijahj01012
 
Pitch Deck Teardown: Xpanceo's $40M Seed deck
Pitch Deck Teardown: Xpanceo's $40M Seed deckPitch Deck Teardown: Xpanceo's $40M Seed deck
Pitch Deck Teardown: Xpanceo's $40M Seed deckHajeJanKamps
 
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxThe-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxmbikashkanyari
 
Driving Business Impact for PMs with Jon Harmer
Driving Business Impact for PMs with Jon HarmerDriving Business Impact for PMs with Jon Harmer
Driving Business Impact for PMs with Jon HarmerAggregage
 
Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...
Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...
Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...ssuserf63bd7
 
20200128 Ethical by Design - Whitepaper.pdf
20200128 Ethical by Design - Whitepaper.pdf20200128 Ethical by Design - Whitepaper.pdf
20200128 Ethical by Design - Whitepaper.pdfChris Skinner
 
1911 Gold Corporate Presentation Apr 2024.pdf
1911 Gold Corporate Presentation Apr 2024.pdf1911 Gold Corporate Presentation Apr 2024.pdf
1911 Gold Corporate Presentation Apr 2024.pdfShaun Heinrichs
 
1911 Gold Corporate Presentation Apr 2024.pdf
1911 Gold Corporate Presentation Apr 2024.pdf1911 Gold Corporate Presentation Apr 2024.pdf
1911 Gold Corporate Presentation Apr 2024.pdfShaun Heinrichs
 
Unveiling the Soundscape Music for Psychedelic Experiences
Unveiling the Soundscape Music for Psychedelic ExperiencesUnveiling the Soundscape Music for Psychedelic Experiences
Unveiling the Soundscape Music for Psychedelic ExperiencesDoe Paoro
 
GUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdf
GUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdfGUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdf
GUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdfDanny Diep To
 
Strategic Project Finance Essentials: A Project Manager’s Guide to Financial ...
Strategic Project Finance Essentials: A Project Manager’s Guide to Financial ...Strategic Project Finance Essentials: A Project Manager’s Guide to Financial ...
Strategic Project Finance Essentials: A Project Manager’s Guide to Financial ...Aggregage
 
EUDR Info Meeting Ethiopian coffee exporters
EUDR Info Meeting Ethiopian coffee exportersEUDR Info Meeting Ethiopian coffee exporters
EUDR Info Meeting Ethiopian coffee exportersPeter Horsten
 
WSMM Media and Entertainment Feb_March_Final.pdf
WSMM Media and Entertainment Feb_March_Final.pdfWSMM Media and Entertainment Feb_March_Final.pdf
WSMM Media and Entertainment Feb_March_Final.pdfJamesConcepcion7
 
Darshan Hiranandani [News About Next CEO].pdf
Darshan Hiranandani [News About Next CEO].pdfDarshan Hiranandani [News About Next CEO].pdf
Darshan Hiranandani [News About Next CEO].pdfShashank Mehta
 

Último (20)

Planetary and Vedic Yagyas Bring Positive Impacts in Life
Planetary and Vedic Yagyas Bring Positive Impacts in LifePlanetary and Vedic Yagyas Bring Positive Impacts in Life
Planetary and Vedic Yagyas Bring Positive Impacts in Life
 
Environmental Impact Of Rotary Screw Compressors
Environmental Impact Of Rotary Screw CompressorsEnvironmental Impact Of Rotary Screw Compressors
Environmental Impact Of Rotary Screw Compressors
 
How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...
How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...
How Generative AI Is Transforming Your Business | Byond Growth Insights | Apr...
 
Types of Cyberattacks - ASG I.T. Consulting.pdf
Types of Cyberattacks - ASG I.T. Consulting.pdfTypes of Cyberattacks - ASG I.T. Consulting.pdf
Types of Cyberattacks - ASG I.T. Consulting.pdf
 
Jewish Resources in the Family Resource Centre
Jewish Resources in the Family Resource CentreJewish Resources in the Family Resource Centre
Jewish Resources in the Family Resource Centre
 
TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024
 
Cyber Security Training in Office Environment
Cyber Security Training in Office EnvironmentCyber Security Training in Office Environment
Cyber Security Training in Office Environment
 
Pitch Deck Teardown: Xpanceo's $40M Seed deck
Pitch Deck Teardown: Xpanceo's $40M Seed deckPitch Deck Teardown: Xpanceo's $40M Seed deck
Pitch Deck Teardown: Xpanceo's $40M Seed deck
 
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxThe-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
 
Driving Business Impact for PMs with Jon Harmer
Driving Business Impact for PMs with Jon HarmerDriving Business Impact for PMs with Jon Harmer
Driving Business Impact for PMs with Jon Harmer
 
Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...
Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...
Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...
 
20200128 Ethical by Design - Whitepaper.pdf
20200128 Ethical by Design - Whitepaper.pdf20200128 Ethical by Design - Whitepaper.pdf
20200128 Ethical by Design - Whitepaper.pdf
 
1911 Gold Corporate Presentation Apr 2024.pdf
1911 Gold Corporate Presentation Apr 2024.pdf1911 Gold Corporate Presentation Apr 2024.pdf
1911 Gold Corporate Presentation Apr 2024.pdf
 
1911 Gold Corporate Presentation Apr 2024.pdf
1911 Gold Corporate Presentation Apr 2024.pdf1911 Gold Corporate Presentation Apr 2024.pdf
1911 Gold Corporate Presentation Apr 2024.pdf
 
Unveiling the Soundscape Music for Psychedelic Experiences
Unveiling the Soundscape Music for Psychedelic ExperiencesUnveiling the Soundscape Music for Psychedelic Experiences
Unveiling the Soundscape Music for Psychedelic Experiences
 
GUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdf
GUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdfGUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdf
GUIDELINES ON USEFUL FORMS IN FREIGHT FORWARDING (F) Danny Diep Toh MBA.pdf
 
Strategic Project Finance Essentials: A Project Manager’s Guide to Financial ...
Strategic Project Finance Essentials: A Project Manager’s Guide to Financial ...Strategic Project Finance Essentials: A Project Manager’s Guide to Financial ...
Strategic Project Finance Essentials: A Project Manager’s Guide to Financial ...
 
EUDR Info Meeting Ethiopian coffee exporters
EUDR Info Meeting Ethiopian coffee exportersEUDR Info Meeting Ethiopian coffee exporters
EUDR Info Meeting Ethiopian coffee exporters
 
WSMM Media and Entertainment Feb_March_Final.pdf
WSMM Media and Entertainment Feb_March_Final.pdfWSMM Media and Entertainment Feb_March_Final.pdf
WSMM Media and Entertainment Feb_March_Final.pdf
 
Darshan Hiranandani [News About Next CEO].pdf
Darshan Hiranandani [News About Next CEO].pdfDarshan Hiranandani [News About Next CEO].pdf
Darshan Hiranandani [News About Next CEO].pdf
 

Sebastian Porst - Reverse-Engineering Flash Files with SWFRETools

Notas del editor

  1. http://www.flickr.com/photos/markchadwick/4592186576/
  2. http://www.flickr.com/photos/markchadwick/4592186576/