Security flaws in an SSO plugin for Caddy

By Maciej Domanski, Travis Peters, and David Pokora We identified 10 security vulnerabilities within the caddy-security plugin for the Caddy web server that could enable a variety of high-severity attacks in web ...
What child is this?

A Primer on Process Reparenting in Windows. By Yarden Shafir. Process reparenting is a technique used in Microsoft Windows to create a child process under a different parent process than the one ...
Magnifier: An Experiment with Interactive Decompilation

By Alan Chang Today, we are releasing Magnifier, an experimental reverse engineering user interface I developed during my internship. Magnifier asks, “What if, as an alternative to taking handwritten notes, reverse engineering ...
The invisible C# code

Static Analysis of (the Invisible) C# Sources. From https://docs.microsoft.com/. Does your static analysis tool see the C# source underlying your C# source? I am a compiler engineer at ShiftLeft, the designer and (main) implementor of ...

Detecting Bad OpenSSL Usage

by William Wang, UCLA. OpenSSL is one of the most popular cryptographic libraries out there; even if you aren’t using C/C++, chances are your programming language’s biggest libraries use OpenSSL bindings as ...
BSidesPhilly cg09 File Polyglottery or This Proof of Concept is Also a Picture of Cats Evan Sultanik

Two New Tools that Tame the Treachery of Files

Parsing is hard, even when a file format is well specified. But when the specification is ambiguous, it leads to unintended and strange parser and interpreter behaviors that make file formats susceptible ...

Siderophile: Expose your Crate’s Unsafety

Program Analysis, rust
Today we released a tool, siderophile, that helps Rust developers find fuzzing targets in their codebases. Siderophile trawls your crate’s dependencies and attempts to find every unsafe function, expression, trait method, etc ...
Performing Concolic Execution on Cryptographic Primitives

Alan Cao. For my winternship and springternship at Trail of Bits, I researched novel techniques for symbolic execution on cryptographic protocols. I analyzed various implementation-level bugs in cryptographic libraries, and built a ...
The Good, the Bad, and the Weird

Let’s automatically identify weird machines in software. Combating software exploitation has been a cat-and-mouse game ever since the Morris worm in 1988. Attackers use specific exploitation primitives to achieve unintended code execution ...
Binary view of the sum_of_squares function

Protecting Software Against Exploitation with DARPA’s CFAR

Today, we’re going to talk about a hard problem that we are working on as part of DARPA’s Cyber Fault-Tolerant Attack Recovery (CFAR) program: automatically protecting software from 0-day exploits, memory corruption, ...