BloomTech’s Downfall: A Long Time Coming

Lost in the Loader - The Many Faces of the Windows PE File Format

Lost in the Loader - The Many Faces of the Windows PE File Format

Black Hat via YouTube Direct link

Intro

1 of 28
Next

1 of 28

Intro

Class Central Classrooms beta

YouTube playlists curated by Class Central.

Classroom Contents

Lost in the Loader - The Many Faces of the Windows PE File Format

Automatically move to the next video in the Classroom when playback concludes
  1. 1 Intro
  2. 2 The PE File Format
  3. 3 PE Headers
  4. 4 Section Table
  5. 5 The Subtle Problem of the PE Ecosystem
  6. 6 Implications of PE discrepancies
  7. 7 The Big Picture
  8. 8 Constraints Modelling
  9. 9 Modelling Phase
  10. 10 Language for Modelling Constraints
  11. 11 INPUT statements
  12. 12 Symbol Definition
  13. 13 (Terminal) Predicates
  14. 14 Conditional Statements
  15. 15 Analysis Framework
  16. 16 Validation Mode
  17. 17 Generation Mode
  18. 18 Model SMT Equivalence
  19. 19 Differential Test Case Generation
  20. 20 Differences Enumeration
  21. 21 Corner Case Generation
  22. 22 Modelled Software
  23. 23 Windows vs Windows
  24. 24 Windows vs. ClamAV
  25. 25 Memory Mapping Discrepancies
  26. 26 Notable Test Case
  27. 27 Malware Hunt Campaign Results
  28. 28 Takeaways

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.