Oscar Llorente
Researcher in DT
Expertise: Scam, program analysis

Loading binaries in Linux

Executables are a static representation of a program and that at the time they are executed, the kernel uses the information included in those files to create a dynamic representation, better known as the process images. Before being able to execute

Dynamic binary instrumentation

In the previous post we talked about the possibilities to implement programs and carry out all kinds of tasks such as profiling or vulnerability detection. We also introduced Intel Pin, a dynamic binary instrumentation tool (mainly for IA32 and x86_64),

Program instrumentation options

Many of the methods of software testing and dynamic analysis of programs (not necessarily related to security) require inserting some additional instructions in the text of the program to obtain added information, that is, to instrument the program. For example,

Starting code debugging (II) – Breakpoints

One of the most useful functions provided by debuggers is setting breakpoints in certain lines of code to stop execution at those points and examine the status of the program. Breakpoints can be both hardware and software. GDB can set

Starting code debugging (I)

Errors are a collateral (and undesired) phenomenon that occur when writing code. Some, like syntactic errors, are easy to detect and correct, since normally the compiler,  interpreter or  IDE itself will warn us that we have some open parentheses for

The idea behind the symbolic execution

Following in the line of program analysis techniques, this time we are going to talk about a technique that is somewhere in between static techniques and dynamics, symbolic execution. It is a type of analysis that covers different limitations of


Our sandbox for packers