[Taken] Detecting broken security in hybrid Android apps

Many modern Android applications make use of a webview – a component providing easy access to the rendering engine and JavaScript interpreter of a full browser. The content shown by a webview can be loaded from a local resource or a remote server via HTTP and integrates seamlessly with the app. Webviews are popular with developers, … full description “[Taken] Detecting broken security in hybrid Android apps”

[Taken] Disassembling x86 binaries for static analysis and reverse engineering

The Jakstab static analyser for binaries automatically disassembles x86 binaries for Windows or Linux and reconstructs a control flow graph. It is particularly effective on targets that have been obfuscated with various tricks that throw off regular disassemblers such as IDA Pro. Jakstab disassembles one instruction at a time, translates it into an intermediate language, and then … full description “[Taken] Disassembling x86 binaries for static analysis and reverse engineering”

[Taken] Predicting Debug Symbols for Closed Source Binaries

Reverse engineering binaries, whether malicious or benign, is made more difficult by the absence of debug information. Variables and functions have had their identifiers “stripped”, so reverse engineers have to manually name them during analysis based on human understanding of the code functionality. The goal of this project is to use machine learning to predict … full description “[Taken] Predicting Debug Symbols for Closed Source Binaries”

System Provenance Collection from a Client Workstation

A client workstation in an enterprise network is used by individual employees. They use this workstation to perform different activities, including accessing the data stored in the enterprise data repositories (i.e., Database). These activities, which relate to accessing the data and then using it on a workstation are the crucial missing element in data compliance … full description “System Provenance Collection from a Client Workstation”

System Provenance Collection from a Database Server

A database server is a collection of an Operating System (OS) at its core that hosts a database – accessible from various services and devices in an enterprise network. The activities observed on the database server are of immense importance to show compliance with data governance policies. A crucial element of such a compliance is … full description “System Provenance Collection from a Database Server”