Reverse Engineering

Reverse engineering is the art of extracting knowledge or design information from a built artifact. We enjoy solving technical puzzles and are well-equipped to provide tailored services in this space.

Understanding the nitty-gritty details of a proprietary network protocol, extrapolating vulnerability details from a binary patch, or simplifying and reproducing obfuscated routines are just a few examples of the reverse engineering challenges successfully executed by our team.
  • binary analysis

    We have years of experience working on x86, x64, ARM, JVM bytecode, and more. We read and write assembly code and understand how crashes happen.

    We have experience dissecting patches and cracking protected binaries to figure out exactly how they work. Native binaries are handled through manual reverse engineering, debugging, and instrumentation.

    Mostly through manual study, we are able to determine the functionalities provided by the binaries under examination. Using fuzzing and other dynamic techniques, we elicit unintended behaviors that could be used to subvert the security of a system.

  • protocols and file formats reversing

    We're passionate about reverse engineering challenges as they provide a unique opportunity to learn how things work under the hood.

    Being very familiar with complex protocol designs and file formats, our team can derive formats and specifications from samples. As we've done several times, we can create interoperable implementations of protocols and parsers to be used in both offensive security and software engineering applications.

    While reversing activities are tailored to each customer's specific needs, we generally kick off these engagements by collecting and categorizing samples of network traffic or files. We manually study the interaction between systems using those protocols and files, and derive the underlying design. Whenever required, we build custom tools to generate or parse those formats and messages. Finally, we document all processes and results in a concise but precise report.

Protocol Dissection

  • Study and Categorize Unknown Protocols
  • Develop Specifications
  • Document Field Level Types
  • Reproduce Client and Server Pieces

File Formats

  • Document Unknown File Formats
  • Reproduction of File Formats from Binary Parsers
  • Develop New Parsers for Unknown Formats
  • Reproduce Files from Binary Streams
  • Document and Modify Integrity (CRC) Checks

Binary Modifications

  • Changing Feature Level Behavior in Binaries
  • Reproduction of Source Code from a Binary
  • Assessing Strength of DRM Solutions
  • Assessing Strength of MDM Solutions

Deobfuscation and Automation

  • Code Deobfuscation (Assembly, JavaScript, etc.)
  • Creating New and Novel Obfuscation Algorithms
  • Automating Behavior

Memory Corruption and Debugging

  • Program Instrumentation
  • Studying and Patching Vulnerabilities
  • Fuzzer Development
  • Binary and Low Level Language Code Audits

our research articles

Research is one of our founding principles and we invest in it heavily. All of our researchers have the privilege to use 25% of their time exclusively for self-directed research.
