Covert Debugging Circumventing Software Armoring Techniques

  • Danny Quist
  • Published 2007

Abstract

Software armoring techniques have increasingly created problems for reverse engineers and software security analysts. As protections such as packers, run-time obfuscators, virtual machine and debugger detectors become common, newer methods must be developed to cope with them. In this paper we will present our covert debugging platform named Saffron. Saffron is based upon dynamic instrumentation techniques as well as a newly developed page fault assisted debugger. We show that the combination of these two techniques is effective in removing armoring from most software armoring systems.

1 Figure or Table

Cite this paper

@inproceedings{Quist2007CovertDC, title={Covert Debugging Circumventing Software Armoring Techniques}, author={Danny Quist}, year={2007} }