This is going to be a busy summer. I am helping my friend Matt with some training at BlackHat. The training covers binary static analysis concepts and implementation. Matt can't write any implementation code for various reasons, but he is driving the development with slides from the class and test binaries. I will be writing all the code for the class. I'm using it as an opportunity to learn C# and test driven development. Matt's blog has some preparatory material for the class, which I used to learn the basics of C# and TDD. I will be adding some material here as well.

I am also speaking at defcon. The first talk is entitled: Bridging the Gap between Static and Dynamic Reversing. The talk will cover ways to use static disassembly and runtime debugging together to yield better results. In order to make this easier, I'll be releasing a couple of IDA Pro plugins.

pdbgen - This plugin takes symbolic information from IDA and generates custom pdb files. Microsoft does not document the internal format of pdb files. I will be publishing some internal details here as I discover them.

REdress - This plugin will reinsert debug information into ELF files. The name comes from fenris written by Michal Zalewski. In fenris he included a program called dress(opposite of strip) to reinsert library information into files using detection methods similar to FLIRT.

For the other two talks, I will also be working with Matt. The first one is a very condensed version of the training. The second talk is on pair programming and tdd. For people that want to participate in pair programming sessions on the code should attend both talks and take a look at some of the preparatory material here.

See ya in Vegas!