RE: tools for searching potential BO in binary code

From: Syversen, Jason M (US SSA) (jason.syversen_at_baesystems.com)
Date: 06/15/05

  • Next message: Omar Herrera: "RE: the possibility of jumping back to code in an exploited program"
    Date: Wed, 15 Jun 2005 14:19:52 -0400
    To: "Kyle Quest" <Kyle.Quest@networkengines.com>, <vuln-dev@securityfocus.com>
    
    

    As mentioned below Bugscan was sold to LogicLibrary and is not called
    LogicScan. They are not selling Icebox as a product but they are selling
    Inspector, which is kind of an integrator for Ollydbg and IDA Pro with
    some plugins. Like Bugscan, really not cheap though. Halvar Flake will
    have something coming out in the September timeframe, see Sabre
    Security's web site for more information. Many people have home-grown
    utilities to do this work but don't productize/release it because that's
    where they get their 0-days from...

    Anyone else know of binary analysis tools that are out there, open
    source or commercial?

    - Jason

    -----Original Message-----
    From: Kyle Quest [mailto:Kyle.Quest@networkengines.com]
    Sent: Monday, June 13, 2005 12:15 PM
    To: vuln-dev@securityfocus.com
    Subject: RE: tools for searching potential BO in binary code

    It all depends on how much money you are
    willing to pay. There was something called Bugscan
    and it was definitely not cheap from what i understand.
    The program was originally developed
    by the company called HBGary (the name
    Greg Hoglund should ring the bell :-] ).
    It seems like it was spun off into a separate
    company. At some point Bugscan was acquired
    by LogicLibrary. I dont know what happened
    to it after that, but if you look at the HBGary
    website now, they seem to have some new product
    that might be useful (check out something called Icebox).

    Kyle

    -----Original Message-----
    From: Nix Yog [mailto:yognix@gmail.com]
    Sent: Wednesday, June 01, 2005 2:22 AM
    To: vuln-dev@securityfocus.com
    Subject: tools for searching potential BO in binary code

    hi all,
    something like bugscam, but more functional?


  • Next message: Omar Herrera: "RE: the possibility of jumping back to code in an exploited program"