Book Review: The IDA Pro Book, 2nd edition

Posted on March 22, 2013 by Simon Roses

If you like reverse engineering and want to learn all the secrets of IDA Pro, this is your book. This work written by Chris Eagle, a top expert on the subject, reveals the power of the best tool for reverse engineering. The IDA Pro, 2nd Edition (ISBN-13: 978-1593272890) along its 26 chapters describes how to use IDA Pro and all its options, as well as the decompiler, debugger and the emulator, and of course the development of scripts using IDC and Python (IDAPython) languages.

IDA Pro is a complex tool to analyze all types of binaries, but this book makes it easy for novices to learn and those who are already experts can benefit from reading it as well.

The advanced sections of extending IDA Pro using IDC or Python are priceless; the author includes many scripts very well explained. Personally I’m a big fan of Python so all the chapters related to IDAPython for me are the most interesting.

On the book website we can find more resources and a number of plugins for IDA Pro, of special interest the x86 Emulator plugin.

The code that the book analyzes is for x86 under Windows, but IDA Pro supports many more platforms such as ARM or binaries for Linux (ELF) and MacOS (Mach-o) among others.

Certainly a must-read for any cybersecurity professional where it is vital to possess the necessary skills to find vulnerabilities in software or analyze malware.

Score (1 rose, very bad / 5 roses, very good): 5 Roses (Mandatory Reading)

— Simon Roses Femerling

Posted in Books, Pentest, Security, Technology | Tagged , , , , , , | Leave a comment

Back to Black Hat Europe and my talk on Anti-Theft

Posted on March 18, 2013 by Simon Roses

Last Thursday 14 and Friday 15 March the Conference Black Hat Europe was held in the great city of Amsterdam, a mandatory event for cyber security experts.

For second year running I presented on R&D outlining the security posture of Anti-Theft programs for computers and Smartphones.

As always the event had interesting lectures and other not that much, but I recommend the reader to check them all and decide what you like most. The topics were quite varied such as forensics, pentesting, vulnerabilities and secure development.

Regarding my talk, you can find the presentation on the website of VULNEX (here).

From here I would like to greet the people of MundoHacker and the other Spaniards at the conference!

Greetings and see you at the next conference :)

— Simon Roses Femerling

Posted in Conference, Pentest, Security, Technology | Tagged , , , , , , , , , | Leave a comment

Dell, IBM and possible other tech giants should be ashamed

Posted on November 20, 2012 by Simon Roses

In time of crisis there is much speak about entrepreneurship as the engine to lift the economy, or at least in the Spanish crisis. Now well, who assists entrepreneurs?

As readers know I am the founder of VULNEX, a technology startup that offers highly specialized offensive and defensive cyber security services. In recent months I have been talking with tech giants such as Dell and IBM Spain to acquire a few servers that will allow us to improve our platform for R&D and services to our customers.

Obviously the purchase amount is small for these giants but for us it is a significant amount so we are interested in getting financing for the purchase and to our surprise: none of these 2 giants finance startups, they tell us that they only finance companies with more than 2 years of life. INCREDIBLE and SHAMEFUL!

I guess these companies have forgotten their roots and above all how and where they began. In my opinion it is disappointing that they do not even evaluate the project to determine their potential and just say NO. How easy is to say NO to small companies!

Now I understand why Dell has recently presented bad results, with that sales policy it is not surprising. And what to say about IBM, the monster patent…

But hey, so is the world of entrepreneurs, a constant struggle that unfortunately you get used to. Of course in VULNEX we are evaluating other options in order to execute this operation and improve our services despite all.

Be ready for some excited announcements in Q1 of 2013 ;)

Dear readers, what is your opinion on the support given by large enterprises to startups?

— Simon Roses Femerling

Posted in Business, Economics, Technology | Tagged , , , | Leave a comment