ShmooCon 2011: Visual Malware Reversing

This past weekend I had the pleasure of presenting at ShmooCon 2011. This conference continues to be one of my favorites. ShmooCon is a small conference that is trying very hard to stay that way. This year I talked about my improvements to VERA over the past 6 months. Much of the talk was centered around live demos, which unfortunately did not make it to the slides. The new tracing module and updated versions of the VERA code will be posted here soon.

Video of the Talk
PDF of the PowerPoint Slides
Download the new VERA code here


Reverse engineering is a complicated process that has a lot of room for improvement. This talk will showcase some improvements to our visualization framework, VERA. New features that decrease the overall time to reverse a program will be shown. New items are a debugger-based interface which allows for faster analysis without the need for a hypervisor, integrated trace processing tools, IDA Pro integration, and an API to interface with the display. During the talk I will reverse engineer malware samples and show how to integrate VERA into your reversing process.


