Analysing malware to understand in depth how it works can be a complex and tedious task. Malware can use anti-analysis techniques such as obfuscation or packing that can significantly increase the analysis time.
Binary instrumentation is the process of adding new instructions into a program or modifying its existing code. This concept can be applied to malware analysis to speed up the analysis process and retrieve internal data without spending too much time debugging binaries. Additionally, you can integrate binary instrumentation into your own tools to enhance your malware analysis arsenal.
This presentation will explore the concept of binary instrumentation as it can be applied to malware analysis. We'll look at some of the most popular tools like Frida and show you how to use them to extract information and defeat anti-analysis techniques.
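As an added illustration of the two uses the abstract names (extracting internal data and neutralising an anti-analysis check), here is a small Frida-based tracer that is not part of the presentation's material. It assumes a Windows sample, the `frida` Python bindings installed on the analysis machine, and the standard kernel32 exports `CreateFileW` and `IsDebuggerPresent`; the hooked API names and the forced return value are choices made for this example.

```python
import json
import sys
import time
from collections import Counter

# JavaScript agent injected into the sample. It reports every file the sample
# opens and makes the IsDebuggerPresent check always answer "no debugger".
AGENT_JS = r"""
const k32 = Process.getModuleByName('kernel32.dll');
Interceptor.attach(k32.getExportByName('CreateFileW'), {
  onEnter(args) {
    // lpFileName is the first argument of CreateFileW
    send({ api: 'CreateFileW', arg: args[0].readUtf16String() });
  }
});
Interceptor.replace(k32.getExportByName('IsDebuggerPresent'),
  new NativeCallback(function () {
    send({ api: 'IsDebuggerPresent', arg: null });
    return 0;  // FALSE: hide the debugger from the sample
  }, 'int', []));
"""

class TraceCollector:
    """Accumulates send() payloads from the agent into a small summary."""
    def __init__(self):
        self.calls = Counter()
        self.paths = []

    def on_message(self, message, data=None):
        # Frida delivers agent output as {'type': 'send', 'payload': ...};
        # anything else (e.g. 'error') is not trace data.
        if message.get("type") != "send":
            return
        payload = message["payload"]
        self.calls[payload["api"]] += 1
        if payload["api"] == "CreateFileW" and payload["arg"]:
            self.paths.append(payload["arg"])

    def summary(self):
        return {"calls": dict(self.calls), "paths": sorted(set(self.paths))}

def trace(exe_path, seconds=10):
    """Spawn the sample suspended, load the agent, run it briefly, then kill it."""
    import frida  # imported lazily so TraceCollector works without Frida installed
    device = frida.get_local_device()
    pid = device.spawn([exe_path])
    session = device.attach(pid)
    collector = TraceCollector()
    script = session.create_script(AGENT_JS)
    script.on("message", collector.on_message)
    script.load()
    device.resume(pid)
    time.sleep(seconds)
    device.kill(pid)
    return collector.summary()

if __name__ == "__main__":
    print(json.dumps(trace(sys.argv[1]), indent=2))
```

Run it inside an isolated analysis VM as `python tracer.py sample.exe`; the summary shows which files the sample touched and how often it probed for a debugger.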