TitanEngine training course at ReCon
March 4, 2010

TitanEngine training course at ReCon

CODING UNPACKERS FOR FUN AND PROFIT: TITANENGINE TRAINING BY TOMISLAV PERICIN AND NICOLAS BRULEZ Learn how to analyze, unpack and code unpackers for software packers and protectors. Attendees will receive hands-on experience working with the ReversingLabs TitanEngine framework, designed for unpacker creation. Instructors: Tomislav Pericin and Nicolas Brulez Dates: 6-8 July 2010 Availability: 10 Seats

Read More
Ask a developer Monday
March 1, 2010

Ask a developer Monday

This is the second "Ask a developer Monday," in which we answer the most common question we've received recently. The current No. 1 question is: "Why is the entry point after unpacking located in the section named UPX0?"

Read More
Unpacking layered protections
February 23, 2010

Unpacking layered protections

Today we finish our AlexProtector unpacker. We started creating it last week with file format analysis. We initially intended to create a dynamic unpacker for this protection, but since it is just as "easy" to create a static one, we went for that option. We are a day late with our blog as a result, and we are glad we are, since we noticed some bugs in the Importer module that we have since resolved. But we did more then just bug fixing - we made some tweaks to the existing functions, improving import elimination protection support.

Read More
TitanEngine simplification project
February 18, 2010

TitanEngine simplification project

With over 385 functions, TitanEngine is surely overwhelming at first sight. To help you get over this initial barrier we have included many sample applications with the TitanEngine SDK. However that still involves learning the use of 20 - 30 functions and the general layout we envisioned for our dynamic unpackers. And even this can be a lot for someone who wants to perform simple tasks such as creating an unpacker for FSG packer.

Read More
Analyzing layered protections
February 15, 2010

Analyzing layered protections

There is hardly a software protection nowadays that has only a single layer of code containing the whole stub code. Even some software packers such as PeCompact implement multiple layers in the process of software decompression. It is common for these additional layers to do the most interesting protection operations, such as memory decompression, import table processing and entry point protection and redirection.

Read More
TitanEngine and Python SDK
February 8, 2010

TitanEngine and Python SDK

As we said in the blog dedicated to our latest TitanEngine release we are continuously working on expanding our SDK to support as much programming languages as possible. That is why the next major version update for TitanEngine will feature a support for Python scripting language. We are looking forward to seeing multiple unpacking scripts appearing with the next TitanEngine major release. Until next week...

Read More

Pages